Re: How to get git-daemon to work in a post-CVE world?

Konstantin Ryabitsev <konstantin@xxxxxxxxxxxxxxxxxxx> wrote
(on Mon, Mar 31, 2025, 16:53):
>
> On Sun, Mar 30, 2025 at 10:30:00AM +0200, MegaBrutal wrote:
> > Hi Everyone,
> >
> > I'm new to the list, just thought it's the best place to talk about
> > Git. I'm running a public read-only git server with git-daemon. I've
> > recently noticed that my repos can't be cloned and found that
> > particular CVE which made git verify the owners of the git repos.
> >
> > fatal: detected dubious ownership in repository at '/srv/git/mgsautils.git'
> >
> > The feasible solution is to declare the directory safe in .gitconfig.
>
> You can set global values in /etc/gitconfig, e.g.:
>
>     [safe]
>       directory = /srv/git/*

Thanks! While it is much more convenient to set it in one global
/etc/gitconfig than individual home directories, I encountered the
following problems:

1. It doesn't do anything with the other error I get, when the
problematic directory is '.'. I still keep getting that error message.
2. Git daemon doesn't seem to resolve the '*' wildcard, i.e. with the
wildcard I get the original message back which complains about
'/srv/git/mgsautils.git', even though it should be covered by
'/srv/git/*'. When I supply the full path, however, the error message
is still about '.'.

I even performed a whole Ubuntu release upgrade to get a new version
of Git, but 2.43.0 acts the same. Seems like git-daemon is more
strict than plain git – what might be the problem?




