"David C. Rankin" <drankinatty@xxxxxxxxx> writes: > I read the error from the server log and then attempted to add the > suggested config to ~/.gitconfig, e.g.: > > [safe] > directory = /srv/git/embedded.git > ... > drwxr-xr-x 7 david david 4096 Jun 15 02:42 embedded.git You say ~/.gitconfig here. Whose home directory does "~" refer to? The primary reason I wrote the message you are responding to was to find this piece of information out (and tell you that it would be different from the repository owner's), and I am still not sure if I extracted that piece of information out of you, after reading the message I am responding to twice. In short, the above has to be in ~http/.gitconfig (if 'http' is the user Apache runs as). Listing it in ~david/.gitconfig would not work. It has to come from the user who runs Git in a directory the user does not own (in this case, that is the 'http' user. That user runs, via the CGI interface, the server side Git programs to respond to pushes and fetches, serving a repository not owned by 'http'), The mechanism is about protecting the user that runs Git (i.e. 'http' in the context of "git push/fetch is responded by the Apache web server via the CGI mechanism spawning 'git http-backend'") from potentially malicious repositories owned by users that are *not* 'http' (i.e. /srv/git/embedded.git that is owned by david:david in this case), as such repositories can contain hooks and other configuration settings that would end up running programs as 'http' user with 'http' user's priviledge, potentially writing into files owned by 'http' user to attack 'http' user. Hence, the "I am OK to run Git as myself in these repositories, even though they are not owned by me" acceptance, which is an snippet in gitconfig file you showed above, has to come from the 'http' user, and certainly not from the 'david' user. The configuration is about protecting 'http' from 'david' and not about protecting 'david' from 'http', so configuration files in 'david' user's home directory should have no say in who 'http' user is willing to trust. So, back to the original question. You said ~/.gitconfig/ has the safe.directory settings. Whose ~/.gitconfig/? I would have expected that the only thing you'd need to do is to let your 'http' user tell Git that it does not want the paranoid safety more recent versions of Git offers with the safe.directory setting in ~http/.gitconfig, and have repositories owned by individual users that come over ssh as they themselves. For those who are accessing their own repositories over ssh as themselves, everything should work just as before.
