* [honister][PATCH 0/1] Pull request
@ 2022-04-29 11:19 Anuj Mittal
2022-04-29 11:19 ` [honister][PATCH 1/1] bitbake.conf: mark all directories as safe for git to read Anuj Mittal
0 siblings, 1 reply; 2+ messages in thread
From: Anuj Mittal @ 2022-04-29 11:19 UTC (permalink / raw)
To: openembedded-core
A single change to fix issues with git before 3.4.4.
Please review and merge. Tested on autobuilder and no problems seen:
https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/3591
Thanks,
Anuj
The following changes since commit d411ea3114cde55ae68a2d437e854c5b17f78131:
shadow-native: Simplify and fix syslog disable patch (2022-04-25 14:09:47 +0800)
are available in the Git repository at:
git://push.openembedded.org/openembedded-core-contrib stable/honister-next
Ross Burton (1):
bitbake.conf: mark all directories as safe for git to read
meta/conf/bitbake.conf | 8 ++++++++
1 file changed, 8 insertions(+)
--
2.35.1
^ permalink raw reply [flat|nested] 2+ messages in thread
* [honister][PATCH 1/1] bitbake.conf: mark all directories as safe for git to read
2022-04-29 11:19 [honister][PATCH 0/1] Pull request Anuj Mittal
@ 2022-04-29 11:19 ` Anuj Mittal
0 siblings, 0 replies; 2+ messages in thread
From: Anuj Mittal @ 2022-04-29 11:19 UTC (permalink / raw)
To: openembedded-core
From: Ross Burton <ross.burton@arm.com>
Recent git releases containing [1] have an ownership check when opening
repositories, and refuse to open a repository if it is owned by a
different user.
This breaks any use of git in do_install, as that is executed by the
(fake) root user. Whilst not common, this does happen.
Setting the git configuration safe.directories=* disables this check, so
that git is usable in fakeroot tasks. This can be set globally via the
internal environment variable GIT_CONFIG_PARAMETERS, we can't use
GIT_CONFIG_*_KEY/VALUE as that isn't present in all the releases which
have the ownership check.
We already set GIT_CEILING_DIRECTORIES to ensure that git doesn't
recurse up out of the work directory, so this isn't a security issue.
[1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8bed8e6993e7297bdcd68940aa0d47ef47120117)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
meta/conf/bitbake.conf | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf
index c2cb2f0d9d..51253003fd 100644
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -730,10 +730,18 @@ export PKG_CONFIG_DISABLE_UNINSTALLED = "yes"
export PKG_CONFIG_SYSTEM_LIBRARY_PATH = "${base_libdir}:${libdir}"
export PKG_CONFIG_SYSTEM_INCLUDE_PATH = "${includedir}"
+# Git configuration
+
# Don't allow git to chdir up past WORKDIR so that it doesn't detect the OE
# repository when building a recipe
export GIT_CEILING_DIRECTORIES = "${WORKDIR}"
+# Treat all directories are safe, as during fakeroot tasks git will run as
+# root so recent git releases (eg 2.30.3) will refuse to work on repositories. See
+# https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 for
+# further details.
+export GIT_CONFIG_PARAMETERS="'safe.directory=*'"
+
###
### Config file processing
###
--
2.35.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-04-29 11:24 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-29 11:19 [honister][PATCH 0/1] Pull request Anuj Mittal
2022-04-29 11:19 ` [honister][PATCH 1/1] bitbake.conf: mark all directories as safe for git to read Anuj Mittal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox