From patchwork Fri May 13 01:00:16 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Carlo_Marcelo_Arenas_Bel=C3=B3n?=
 <carenas@gmail.com>
X-Patchwork-Id: 12848259
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A2884C433F5
	for <git@archiver.kernel.org>; Fri, 13 May 2022 01:00:43 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1359833AbiEMBAl (ORCPT <rfc822;git@archiver.kernel.org>);
        Thu, 12 May 2022 21:00:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60444 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1359831AbiEMBAf (ORCPT <rfc822;git@vger.kernel.org>);
        Thu, 12 May 2022 21:00:35 -0400
Received: from mail-qk1-x731.google.com (mail-qk1-x731.google.com
 [IPv6:2607:f8b0:4864:20::731])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 57E6228BDCE
        for <git@vger.kernel.org>; Thu, 12 May 2022 18:00:33 -0700 (PDT)
Received: by mail-qk1-x731.google.com with SMTP id b20so6062870qkc.6
        for <git@vger.kernel.org>; Thu, 12 May 2022 18:00:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=ddn9cFEUNoGKdPrc1gPdTc0+DmS25Tvm9uG0ViP8VDg=;
        b=UpnRQPwyakrbrCKKEKyjw5Ff0rfyragATugoAwZD5kIAHG8OBo9FZpPXtlbe5gd4p4
         pB33AHrZ8t30CTgvaR7q7rbyhTNCCxjWEliEwX3UDF6HKXCoJnPxgGAPsfJ6nG7bIlU7
         f5NpSZxuVwNR12RnZNVNzLWDK398MqIcWmbThT9aAWtM37MksvZR0Q56aTwCQJHTsYlL
         2Jn0WVLJ3sKVoM72x3UJztaY3qKHHJ/kSgIyMxiZ3rbjJbZG2ZQeiHAPYwpyeRG5FCL+
         BUCMBSC0VJudCPK2esqXtQWTc91WHUegXfbmqoi6UMaihWNVyjiqSuq/GNurbzLRvDO/
         BGqg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=ddn9cFEUNoGKdPrc1gPdTc0+DmS25Tvm9uG0ViP8VDg=;
        b=ivwhkfLndB0XWJDnD7Hh2krDxkWNGNnP2m20Uc+kP1lhMEB2VTY7DceAc1RqoVWkJJ
         lnH+VmGIqDqxP4FV7ZIqB/dPgZEHi3o/7xwXi9j4KRbuezO8XdnHlqY+k+1jmafoduPy
         sEP+VUDvcQIFbLgeiJlqe78WZJp6JFGvkUSOPYTFVJs4ilThDl/yPfwRr3aqBf8jzcd7
         yMrtOoMk8utCTxat365ckrr+mv2WkCk0IqFjRtv6BV5TnvY2iCS09JnsQ3qGjqkAbtHu
         lA95zyWw0oWxHWoxdJYuqWxA+k2x0QLSdy4kWCtPFVVmLgYygiEjgUmvMzVcJVdKl+k/
         pKOA==
X-Gm-Message-State: AOAM5301+1Qze2+ybHffmhJR3wiXAP9RWXuTwY/aoyAafwFjUZLsd8xI
        OGtVpFINJmX+xvIq+VpMPdXUIibOB8w=
X-Google-Smtp-Source: 
 ABdhPJzItVELaD1OxjSgkO/ql0r5s8uVu9ZYRN5bOkL6dEy3l1LmNC17sdUbESOMTpnNlVc6qOzw3Q==
X-Received: by 2002:a05:620a:45a7:b0:6a0:3399:c9ce with SMTP id
 bp39-20020a05620a45a700b006a03399c9cemr2045118qkb.590.1652403631898;
        Thu, 12 May 2022 18:00:31 -0700 (PDT)
Received: from carlos-mbp.lan (104-1-92-200.lightspeed.sntcca.sbcglobal.net.
 [104.1.92.200])
        by smtp.gmail.com with ESMTPSA id
 s202-20020a3745d3000000b0069fc13ce227sm583541qka.88.2022.05.12.18.00.29
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 12 May 2022 18:00:30 -0700 (PDT)
From: =?utf-8?q?Carlo_Marcelo_Arenas_Bel=C3=B3n?=  <carenas@gmail.com>
To: git@vger.kernel.org
Cc: gitster@pobox.com, bagasdotme@gmail.com, johannes.Schindelin@gmx.de,
	=?utf-8?q?Carlo_Marcelo_Arenas_Bel=C3=B3n?=  <carenas@gmail.com>
Subject: [PATCH v5 0/4] fix `sudo make install` regression in maint
Date: Thu, 12 May 2022 18:00:16 -0700
Message-Id: <20220513010020.55361-1-carenas@gmail.com>
X-Mailer: git-send-email 2.36.1.371.g0fb0ef0c8d
In-Reply-To: <20220510174616.18629-1-carenas@gmail.com>
References: <20220510174616.18629-1-carenas@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

A reroll for cb/path-owner-check-with-sudo which should hopefully cover
for all feedback plus an extra (optional) patch to implement a fix for
the "regression" that this introduces

A range-diff against v4 provided below to easy review but the only code
changes come from the 4th patch which might be ironically the less
controversial even if not strictly needed.

The tests are not enabled by default, but a run of this on top of seen
that had an extra patch to enable them shows no failures[1].  Either way
they are only expected to run in the macOS agents because of the sudo
configuration that is needed, and which will require additional changes
to improve coverage.

Carlo Marcelo Arenas Belón (4):
  t: regression git needs safe.directory when using sudo
  git-compat-util: avoid failing dir ownership checks if running
    privileged
  t0034: add negative tests and allow git init to mostly work under sudo
  git-compat-util: allow root to access both SUDO_UID and root owned

 Documentation/config/safe.txt  | 14 +++++
 git-compat-util.h              | 58 ++++++++++++++++++++-
 t/lib-sudo.sh                  | 15 ++++++
 t/t0034-root-safe-directory.sh | 93 ++++++++++++++++++++++++++++++++++
 4 files changed, 179 insertions(+), 1 deletion(-)
 create mode 100644 t/lib-sudo.sh
 create mode 100755 t/t0034-root-safe-directory.sh

[1] https://github.com/carenas/git/actions/runs/2316684806