Re: safe.directory warnings for root-owned repositories

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Michael Orlitzky <michael@orlitzky.com>
To: Caleb White <cdwhite3@pm.me>
Cc: git@vger.kernel.org
Subject: Re: safe.directory warnings for root-owned repositories
Date: Thu, 31 Oct 2024 08:15:24 -0400	[thread overview]
Message-ID: <ZyN03D8os53XJGDo@mertle> (raw)
In-Reply-To: <D59QZ1P3KSNB.ZXDHUA5HGC97@pm.me>

On 2024-10-31 05:38:00, Caleb White wrote:
> 
> The dubious ownership check simply reports that the directory is owned by
> someone other than the user running the command, with no special handling
> for the root user. While the error might not make the most sense in this
> context, I'm not sure that it's worth special-casing the root user
> (really the user with id = 0 as it might not be named `root`) in the
> implementation.
> 
> Why would you initialize a repository as `root` in the first place?

To avoid the dubious ownership warning, obviously :)

These are shared repositories that I and my coworkers push to over
SSH. Write access is granted via ACLs, with ownership being mostly
irrelevant. (This is still "unsafe," but not for the stated reason.)

I don't necessarily have a problem with adding O(m*n) safe.directory
entries, but every once in a while someone will ask me about it, and I
don't have a good answer for why it's not safe to push to a repository
that's owned by root. I guess it's just more annoying to have to
override the warning when the warning is wrong. Though if it was
changed to "dubious repository writability," I wouldn't be able to
complain any more.

next prev parent reply	other threads:[~2024-10-31 12:15 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-10-31  4:23 safe.directory warnings for root-owned repositories Michael Orlitzky
2024-10-31  5:38 ` Caleb White
2024-10-31 12:15   ` Michael Orlitzky [this message]
2024-10-31 20:04     ` Taylor Blau

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=ZyN03D8os53XJGDo@mertle \
    --to=michael@orlitzky.com \
    --cc=cdwhite3@pm.me \
    --cc=git@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.