You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by "ASF GitHub Bot (Jira)" <ji...@apache.org> on 2022/04/18 14:52:00 UTC
[jira] [Work logged] (HADOOP-18202) create-release fails fatal: unsafe repository ('/build/source' is owned by someone else)
[ https://issues.apache.org/jira/browse/HADOOP-18202?focusedWorklogId=757910&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-757910 ]
ASF GitHub Bot logged work on HADOOP-18202:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 18/Apr/22 14:51
Start Date: 18/Apr/22 14:51
Worklog Time Spent: 10m
Work Description: steveloughran opened a new pull request, #4188:
URL: https://github.com/apache/hadoop/pull/4188
Since CVE-2022-24765 in April 2022, git refuses to work in directories
whose owner != the current user, unless explicitly told to trust it.
This patches the create-release script to trust the /build/source
dir mounted from the hosting OS, whose userid is inevitably different
from that of the account in the container running git.
### Description of PR
### How was this patch tested?
going to test the PR on my build machine (a different laptop)
### For code changes:
- [X] Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
- [ ] Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
- [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] If applicable, have you updated the `LICENSE`, `LICENSE-binary`, `NOTICE-binary` files?
Issue Time Tracking
-------------------
Worklog Id: (was: 757910)
Remaining Estimate: 0h
Time Spent: 10m
> create-release fails fatal: unsafe repository ('/build/source' is owned by someone else)
> ----------------------------------------------------------------------------------------
>
> Key: HADOOP-18202
> URL: https://issues.apache.org/jira/browse/HADOOP-18202
> Project: Hadoop Common
> Issue Type: Bug
> Components: build
> Affects Versions: 3.3.4, 3.3.3
> Reporter: Steve Loughran
> Priority: Major
> Time Spent: 10m
> Remaining Estimate: 0h
>
> The first git command in the create-release docker container is failing as git doesn't consider /build/source to belong to the current user.
> since CVE-2022-24765 and the april 2022 git releases to refuse to work in such directories
> https://github.blog/2022-04-12-git-security-vulnerability-announced/
> {code}
> $ /usr/bin/git clean -xdf -e /patchprocess
> fatal: unsafe repository ('/build/source' is owned by someone else)
> To add an exception for this directory, call:
> git config --global --add safe.directory /build/source
> {code}
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org