big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HADOOP-18202. create-release fails fatal: unsafe repository (#4188)

Browse Source 
Since April 2022/CVE-2022-24765, git refuses to work in directories
whose owner != the current user, unless explicitly told to trust it.

This patches the create-release script to trust the /build/source
dir mounted from the hosting OS, whose userid is inevitably different
from that of the account in the container running git.

Contributed by: Steve Loughran, Ayush Saxena and the new git error messages
This commit is contained in:
Steve Loughran 2022-04-18 19:24:35 +01:00 committed by GitHub
parent f74f241636
commit d7fd61d616
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dev-support/bin/create-release
View File

@ -535,6 +535,10 @@ function makearelease
big_console_header "Cleaning the Source Tree" big_console_header "Cleaning the Source Tree"
# Since CVE-2022-24765 in April 2022, git refuses to work in directories
# whose owner != the current user, unless explicitly told to trust it.
git config --global --add safe.directory /build/source
# git clean to clear any remnants from previous build # git clean to clear any remnants from previous build
run "${GIT}" clean -xdf -e /patchprocess run "${GIT}" clean -xdf -e /patchprocess