git config –global –add safe.directory not working for certain user
11,049 views
Skip to first unread message
julie
Aug 3, 2023, 11:02:43 AM8/3/23
to git-for-windows
My team has one git repository that is cloned on one
Windows 2016 Server that multiple users remote desktop into. The admin ran the "
git config –global
–add safe.directory" command to allow sharing across users in the same group (OU/no admin rights). One user is able to pull and commit to the git repository without any issues, while another user keeps getting an exception error detecting dubious ownership in the repository.
In a similar scenario, the team had one laptop with the repo cloned on it and multiple users without admin rights were able to pull and commit.
Does anyone have any ideas what may cause the inconsistency between users on the first scenario with the Windows server?
Konstantin Khomoutov
Aug 10, 2023, 11:44:03 AM8/10/23
to git-for...@googlegroups.com
git config --global --add safe.directory
right? To my knowledge, the names of the command-line options and flags
understood by Git use two leading dashes.
OK, now to the essense of your question. The "--global" command-line option
selects the so-called global configuration "scope", which is documented as
referring to the configuration files in the following locations:
- $XDG_CONFIG_HOME/git/config
- ~/.gitconfig
They both use Unix-y stuff, but ignoring certain subtleties, it can be said
that they both refer to pathnames rooted in the currect directory of the
current user. This means, the admin has set that configuration knob only for
their own account; everyone logging in using different credentials obviously
gets their own global Git configuration scope. In other words, "global" means
"global for the user". The "truly global" - that is, system-wide -
configuration scope is called "system".
One last question: did the admin make sure that the ACLs on the resulting
repository are set in a way explained below?
1. Each user in that OU has the R/W rights on the repository, and
2. These rights are set as inheritable on the top-level repository's
directory - so that whenever a Git process performing some command
executed by a logged-in user needs to create a directory (a quite common
thing - given the way Git's oject storage is implemented), that action
does not only succeed but also results in a directory with the correct
ACLs set on it.
IOW, Git itself won't explicitly mess with ACLs on the directories it creates,
or, at least I would not expect it to.
Konstantin Khomoutov
Aug 10, 2023, 11:46:30 AM8/10/23
to git-for...@googlegroups.com
On Thu, Aug 10, 2023 at 06:43:59PM +0300, Konstantin Khomoutov wrote:
[...]
[...]
[...]
> The "--global" command-line option selects the so-called global
> configuration "scope", which is documented as referring to the configuration
> files in the following locations:
>
> - $XDG_CONFIG_HOME/git/config
> - ~/.gitconfig
>
> They both use Unix-y stuff, but ignoring certain subtleties, it can be said
> that they both refer to pathnames rooted in the currect directory of the
> current user.
Correction: of course, it should read "the home directory of the current user".
> configuration "scope", which is documented as referring to the configuration
> files in the following locations:
>
> - $XDG_CONFIG_HOME/git/config
> - ~/.gitconfig
>
> They both use Unix-y stuff, but ignoring certain subtleties, it can be said
> that they both refer to pathnames rooted in the currect directory of the
> current user.
[...]
Reply all
Reply to author
Forward
0 new messages