Git command returns fatal error: "detected dubious ownership"

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


 

Platform Notice: Cloud - This article applies to Atlassian products on the cloud platform.

   

Summary


When trying to execute a git command in a repository, such as a clone or push, git returns a fatal error saying the repository has dubious ownership and the git command is aborted.

Diagnosis

After executing a git command, an error similar to below is returned : 

fatal: detected dubious ownership in repository at '<path to the repository>'
To add an exception for this directory, call:
git config --global --add safe.directory <path to the repository>

or

fatal: unsafe repository ('<path to the repository>' is owned by someone else)
To add an exception for this directory, call:

git config --global --add safe.directory <path to the repository>


Cause

A change was introduced in git 2.35.2 (and newer) to prevent a user from executing git commands in a repository owned by a different user. This is to address a security risk, CVE-2022-24765,  for more details see setup_git_directory and Git security vulnerability announced. The change to setup_git_directory prevents git invocations from executing commands on a repository owned by another user.

Solution

On a single user system

Change the owner of the repository folder to the user which is running the git command. 


For Windows : One way to do this is with the takeown command:

takeown /f <path to the repository> /r /d y

For Linux: Using the chown command : 

chown -R username:group <path to the repository>

Single repository on a multi user system: 

The default solution to workaround this issue would be to add the directory in question to git's safe.directory list, as the following command :

git config --global --add safe.directory <path to repository>

This is usually the command suggested by git in the error message to add this directory to the exception list.

Multiple repositories, system global settings: 

Add the folder to the safe.directory list at the system level

git config --system --add safe.directory <path to the repository>


If using git > 2.36, there's also a wildcard to add all folders to safe.directory list :

git config --global --add safe.directory '*' # For the current user and all repositories
git config --system --add safe.directory '*' # For all users and all repositories

Before adding paths/repositories to the exception list, please make sure to understand the security implications of CVE-2022-24765 and setup_git_directory. To avoid this, it's strongly recommended for each user have their own clone of the repository.

Last modified on Jan 18, 2024

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.