Revert "git: Restrict spawned commands to a specific dir" (!6931) · Merge requests · GitLab.org / gitaly

Patrick Steinhardt requested to merge pks-revert-git-ceiling-directories into master May 17, 2024

In bd50ad9e (git: Restrict spawned commands to a specific dir, 2024-05-14), we have started to set GIT_CEILING_DIRECTORIES such that spawned Git commands will not escape their repository. In the context of commands with a repository we set the variable to the repository's path. And when we have a command without a repository, we create a temporary directory, chdir the command into it and then set up the environment variable to point to that directory.

The latter case has an unintended side effect: when socket paths have been specified with a relative path, then this relative path now cannot be resolved anymore due to our use of chdir. This wasn't ever a problem with any of the other Git commands that use a repository because we use git -C there, which does not cause us to chdir.

We could likely fix this by using git -C here, as well, instead of setting the working directory of the new process. But for now, let's rather revert this whole change and reintroduce it in a later step.

Reverts git: Restrict spawned commands to a specific dir (!6913 - merged).

Revert "git: Restrict spawned commands to a specific dir"

Merge request reports