On 2025-05-02 at 22:07:51, Matthias vom Bruch wrote: > Thank you for filling out a Git bug report! > Please answer the following questions to help us understand your issue. > > What did you do before the bug happened? (Steps to reproduce your issue) > > Create a repository, rsync it to my homelab server, place into a directory > that is owned by a:a_and_b and has -R file mod of 770. Then cloned that > into a new, bare repository with the same name, say on /path/to/bare_repo. > Then I prepared ssh auth via key on new machine, so that user b can lo > g in to homelab without password. Then tried to clone the repository with > `git clone b@local-name:/path/to/bare_repo` and variations prepending `s > sh://` and appending `/.git`. Got error > > fatal: detected dubious ownership in repository at '/path/to/bare_repo' > To add an exception for this directory, call: > git config --global --add safe.directory /path/to/bare_repo > [The following is a rough translation, as the machine is in German and so > was this message] > fatal: could not read from remote repository > > Please ensure that you have the correct access rights > and the repository exists > > I then execute the command it suggests and confirm that the appropriate line > has been added to my git config > > Retry - same error > > Test if there is actually a problem with access rights by copying the > repository with `rsync -r b@local-name:/path/to/bare_repo ./`. No issue, eve > rything gets copied > > What did you expect to happen? (Expected behavior) > > Firstly, no issue at all, as cloning from a remote (bare) repository that > _isn't owned by me_ seems like standard usage of git. People are bound t > o run into this in projects of more than one person, unless they use the > more elaborate implementations of vendors like github. My understanding w > ould be that this is how git should "naturally" work. > > Then, the error being fixed after I apply the command it suggested. Can you retry this with Git 2.48 or newer on the server? There's a patch in that version that should allow cloning from an untrusted repository. Note that if you're cloning on the local system, you will need to use `--no-local`, as documented in that version. That isn't necessary over the network, though. -- brian m. carlson (they/them) Toronto, Ontario, CA
Attachment:
signature.asc
Description: PGP signature
