Unsafe repository (REPO) is owned by someone else

leonepagani April 30, 2022

Hello everyone.

 

I'm trying to pull some updates to my production repository, in a ubuntu server, but when i try to run any git command, i get  this error.


fatal: unsafe repository ('/var/www/html/[REPO]' is owned by someone else)
To add an exception for this directory, call:

git config --global --add safe.directory /var/www/html/[REPO]

 

I'had already upgrade to latest version of git because the security vulnerability announced in April, 12. (https://github.blog/2022-04-12-git-security-vulnerability-announced/). and tried to run suggested command, to add safe.directory to my git global configs, but dont have any effect.

 

Thanks.

2 answers

1 vote
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 3, 2022

Hello @leonepagani ,

Welcome to Atlassian Community.

As you have mentioned, the error you are facing is due to recent update in git 2.35.2 where git changed its default behavior to prevent you from executing git commands in a repository owned by a different user than the current one. This is to address the vulnerability https://github.blog/2022-04-12-git-security-vulnerability-announced/,  preventing git invocations from unintentionally executing commands which the repository owner configured.

The default solution to workaround this issue would be to add the directory to safe.directory list, as the following command :

git config --global --add safe.directory <path to repository>

But as you mentioned it didn't work, I found this Stackoverflow thread where alternative solution are being discussed, and specifically for Ubuntu I found the following recommendations :

  • Create a .gitconfig file in /var/www directory, which is the home for www-data user, with the following content :
    [safe]
          directory = /repository/path
  • Add the folder to the safe.directory list at the system level
    git config --system --add safe.directory /home/repo
    If using git > 2.36, you can use the wildcard to add all folders to safe.directory list :
    git config --global --add safe.directory '*'
  • Change the owner of the repository folder to the user which is running the git command :
    sudo chown -R username:group /home/repo

Reference : Stackoverflow post

Could you please try the suggestion above and let us know how it goes ? You can also find additional suggestion in the Stack overflow thread I've linked above.

Let me know if you run into any issue.

Thank you, @leonepagani .

Kind regards,

Patrik S

0 votes
Konstantin October 6, 2022

Hi!

I had the same issue, but in Windows 10: I created some Git repo as ordinal user and worked with it without problems, but then i had to launch my IDE from Administrator user and I couldn't use my git extention because of very same mistake.

 

For me it helped to launch this command from Admin user. When i tried to launch it from ordinal user there was no effect.

git config --global --add safe.directory <path to repository>

 

I hope, my experience is usefull. 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events