Allow git to run on an other user repository

Reported by Anton: "Recent versions of libgit2 broke stagit for me due to the added opt-out GIT_OPT_SET_OWNER_VALIDATION configuration knob. My repositories are owned by root:vcs and I run stagit as another user which happens to be in vcs group but not the owner of the repository. Disabling the validation makes stagit work as expected again." Some notes: When using regular git it also provides a knob. This is due to a security concern in some cases, which is not applicable to stagit. git log somerepo fatal: unsafe repository ('somerepo' is owned by someone else) To add an exception for this directory, call: git config --global --add safe.directory somerepo See also / related: - https://github.blog/2022-04-12-git-security-vulnerability-announced/
2022-05-24 10:58:37 +02:00 · 2022-05-24 10:58:37 +02:00 · 1357ad5181
commit 1357ad5181
parent a8a5e9c3b3
2 changed files with 4 additions and 0 deletions
--- a/stagit-index.c
+++ b/stagit-index.c
@ -188,6 +188,8 @@ main(int argc, char *argv[])
 	git_libgit2_init();
 	for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++)
 		git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, "");
+	/* do not require the git repository to be owned by the current user */
+	git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 0);

 #ifdef __OpenBSD__
 	if (pledge("stdio rpath", NULL) == -1)
--- a/stagit.c
+++ b/stagit.c
@ -1235,6 +1235,8 @@ main(int argc, char *argv[])
 	git_libgit2_init();
 	for (i = 1; i <= GIT_CONFIG_LEVEL_APP; i++)
 		git_libgit2_opts(GIT_OPT_SET_SEARCH_PATH, i, "");
+	/* do not require the git repository to be owned by the current user */
+	git_libgit2_opts(GIT_OPT_SET_OWNER_VALIDATION, 0);

 #ifdef __OpenBSD__
 	if (unveil(repodir, "r") == -1)