0f85c4a30b
With the addition of the safe.directory in 8959555ce
(setup_git_directory(): add an owner check for the top-level directory,
2022-03-02) released in v2.35.2, we are receiving feedback from a
variety of users about the feature.
Some users have a very large list of shared repositories and find it
cumbersome to add this config for every one of them.
In a more difficult case, certain workflows involve running Git commands
within containers. The container boundary prevents any global or system
config from communicating `safe.directory` values from the host into the
container. Further, the container almost always runs as a different user
than the owner of the directory in the host.
To simplify the reactions necessary for these users, extend the
definition of the safe.directory config value to include a possible '*'
value. This value implies that all directories are safe, providing a
single setting to opt-out of this protection.
Note that an empty assignment of safe.directory clears all previous
values, and this is already the case with the "if (!value || !*value)"
condition.
Signed-off-by: Derrick Stolee <derrickstolee@github.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
50 lines
1.0 KiB
Bash
Executable File
50 lines
1.0 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
test_description='verify safe.directory checks'
|
|
|
|
. ./test-lib.sh
|
|
|
|
GIT_TEST_ASSUME_DIFFERENT_OWNER=1
|
|
export GIT_TEST_ASSUME_DIFFERENT_OWNER
|
|
|
|
expect_rejected_dir () {
|
|
test_must_fail git status 2>err &&
|
|
grep "safe.directory" err
|
|
}
|
|
|
|
test_expect_success 'safe.directory is not set' '
|
|
expect_rejected_dir
|
|
'
|
|
|
|
test_expect_success 'safe.directory does not match' '
|
|
git config --global safe.directory bogus &&
|
|
expect_rejected_dir
|
|
'
|
|
|
|
test_expect_success 'path exist as different key' '
|
|
git config --global foo.bar "$(pwd)" &&
|
|
expect_rejected_dir
|
|
'
|
|
|
|
test_expect_success 'safe.directory matches' '
|
|
git config --global --add safe.directory "$(pwd)" &&
|
|
git status
|
|
'
|
|
|
|
test_expect_success 'safe.directory matches, but is reset' '
|
|
git config --global --add safe.directory "" &&
|
|
expect_rejected_dir
|
|
'
|
|
|
|
test_expect_success 'safe.directory=*' '
|
|
git config --global --add safe.directory "*" &&
|
|
git status
|
|
'
|
|
|
|
test_expect_success 'safe.directory=*, but is reset' '
|
|
git config --global --add safe.directory "" &&
|
|
expect_rejected_dir
|
|
'
|
|
|
|
test_done
|