Git and pseudo

Git and pseudo

[Mike Looijmans]

Recently GIT got updated with a security fix:

https://github.blog/2022-04-12-git-security-vulnerability-announced/


The problem is that this causes all "git" tasks that run within pseudo 
(most noticably, image recipes) to fail. In many repositories, we use:
git rev-parse --verify HEAD > /etc/revision

Or something similar to that. After the GIT update, this now fails with 
an error like:

'''
fatal: unsafe repository ('/home/mike/repository/path' is owned by 
someone else)
To add an exception for this directory, call:

     git config --global --add safe.directory /home/mike/repository/path
'''

Apart from doing as it says, or even "git config --global --add 
safe.directory '*'" anyone have a better idea, especially one that 
prevents the system thinking I'm someone else (root in the case of pseudo).

-- 
Mike Looijmans


Met vriendelijke groet / kind regards,

Mike Looijmans
System Expert


TOPIC Embedded Products B.V.
Materiaalweg 4, 5681 RJ Best
The Netherlands

T: +31 (0) 499 33 69 69
E: mike.looijmans@topicproducts.com
W: www.topic.nl

Please consider the environment before printing this e-mail

Re: [OE-core] Git and pseudo

[Richard Purdie]

On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> Recently GIT got updated with a security fix:
> 
> https://github.blog/2022-04-12-git-security-vulnerability-announced/
> 
> 
> The problem is that this causes all "git" tasks that run within pseudo 
> (most noticably, image recipes) to fail. In many repositories, we use:
> git rev-parse --verify HEAD > /etc/revision
> 
> Or something similar to that. After the GIT update, this now fails with 
> an error like:
> 
> '''
> fatal: unsafe repository ('/home/mike/repository/path' is owned by 
> someone else)
> To add an exception for this directory, call:
> 
>      git config --global --add safe.directory /home/mike/repository/path
> '''
> 
> Apart from doing as it says, or even "git config --global --add 
> safe.directory '*'" anyone have a better idea, especially one that 
> prevents the system thinking I'm someone else (root in the case of pseudo).

https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5

However this isn't quite enough as some things encode the path to git into build
files so the PATH change at do_install isn't enough. igt-gpu-tools via meson in
OE-Core is an example.

Cheers,

Richard

Re: [OE-core] Git and pseudo

[Mike Looijmans]

Met vriendelijke groet / kind regards,

Mike Looijmans
System Expert


TOPIC Embedded Products B.V.
Materiaalweg 4, 5681 RJ Best
The Netherlands

T: +31 (0) 499 33 69 69
E: mike.looijmans@topicproducts.com
W: www.topic.nl

Please consider the environment before printing this e-mail
On 25-04-2022 14:51, Richard Purdie wrote:
> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>> Recently GIT got updated with a security fix:
>>
>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>
>>
>> The problem is that this causes all "git" tasks that run within pseudo
>> (most noticably, image recipes) to fail. In many repositories, we use:
>> git rev-parse --verify HEAD > /etc/revision
>>
>> Or something similar to that. After the GIT update, this now fails with
>> an error like:
>>
>> '''
>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>> someone else)
>> To add an exception for this directory, call:
>>
>>       git config --global --add safe.directory /home/mike/repository/path
>> '''
>>
>> Apart from doing as it says, or even "git config --global --add
>> safe.directory '*'" anyone have a better idea, especially one that
>> prevents the system thinking I'm someone else (root in the case of pseudo).
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
>
> However this isn't quite enough as some things encode the path to git into build
> files so the PATH change at do_install isn't enough. igt-gpu-tools via meson in
> OE-Core is an example.
>
> Cheers,
>
> Richard
>
Nice, also for general usefulness.


For our particular case, I came up with this (works in old OE versions 
as well), just inserting a task since both do_image and do_rootfs run 
under fakeroot:

  # We require access to the git repository here, so we must run outside 
fakeroot
do_swumetadata() {
    # Hardware revision for SWUpdate
    echo "${SWU_BOARD_HWREVISION}" > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
    v=`git rev-parse --verify HEAD`
    echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
    echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
}
addtask do_swumetadata before do_image after do_rootfs



-- 
Mike Looijmans

Re: [OE-core] Git and pseudo

[Stefano Babic]

Hi Mike, Richard,

On 26.04.22 11:08, Mike Looijmans wrote:
> 
> Met vriendelijke groet / kind regards,
> 
> Mike Looijmans
> System Expert
> 
> 
> TOPIC Embedded Products B.V.
> Materiaalweg 4, 5681 RJ Best
> The Netherlands
> 
> T: +31 (0) 499 33 69 69
> E: mike.looijmans@topicproducts.com
> W: www.topic.nl
> 
> Please consider the environment before printing this e-mail
> On 25-04-2022 14:51, Richard Purdie wrote:
>> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>>> Recently GIT got updated with a security fix:
>>>
>>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>>
>>>
>>> The problem is that this causes all "git" tasks that run within pseudo
>>> (most noticably, image recipes) to fail. In many repositories, we use:
>>> git rev-parse --verify HEAD > /etc/revision
>>>
>>> Or something similar to that. After the GIT update, this now fails with
>>> an error like:
>>>
>>> '''
>>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>>> someone else)
>>> To add an exception for this directory, call:
>>>
>>>       git config --global --add safe.directory 
>>> /home/mike/repository/path
>>> '''
>>>
>>> Apart from doing as it says, or even "git config --global --add
>>> safe.directory '*'" anyone have a better idea, especially one that
>>> prevents the system thinking I'm someone else (root in the case of 
>>> pseudo).
>> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5 
>>
>>
>> However this isn't quite enough as some things encode the path to git 
>> into build
>> files so the PATH change at do_install isn't enough. igt-gpu-tools via 
>> meson in
>> OE-Core is an example.
>>
>> Cheers,
>>
>> Richard
>>
> Nice, also for general usefulness.
> 
> 
> For our particular case, I came up with this (works in old OE versions 
> as well), just inserting a task since both do_image and do_rootfs run 
> under fakeroot:
> 
>   # We require access to the git repository here, so we must run outside 
> fakeroot
> do_swumetadata() {
>     # Hardware revision for SWUpdate
>     echo "${SWU_BOARD_HWREVISION}" > 
> ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
>     v=`git rev-parse --verify HEAD`
>     echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
>     echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> }
> addtask do_swumetadata before do_image after do_rootfs
> 

It looks like we have several breakages. I found yesterday that 
buildinfo (image-buildinfo) does not work anymore.

meta-filesystems  = <unknown>:<unknown>

meta-networking   = <unknown>:<unknown>

meta-oe           = <unknown>:<unknown>

meta-perl         = <unknown>:<unknown>

meta-python       = <unknown>:<unknown>

meta-swupdate     = <unknown>:<unknown>

meta              = <unknown>:<unknown>

meta-poky         = <unknown>:<unknown>

meta-yocto-bsp    = <unknown>:<unknown>



And the reason is exactly this security update to git, and 
base_get_metadata_git_revision / base_get_metadata_git_branch do not 
work anymore (in this context, of course). So should we create 
/etc/build in a task before do_rootfs ?

Bad is also that this affects older versions (dunfell for example), 
because it depends on an external package (git) to OE.

Best regards,
Stefano

-- 
=====================================================================
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sbabic@denx.de
=====================================================================

Re: [OE-core] Git and pseudo

[Richard Purdie]

On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> Hi Mike, Richard,
> 
> On 26.04.22 11:08, Mike Looijmans wrote:
> > 
> > Met vriendelijke groet / kind regards,
> > 
> > Mike Looijmans
> > System Expert
> > 
> > 
> > TOPIC Embedded Products B.V.
> > Materiaalweg 4, 5681 RJ Best
> > The Netherlands
> > 
> > T: +31 (0) 499 33 69 69
> > E: mike.looijmans@topicproducts.com
> > W: www.topic.nl
> > 
> > Please consider the environment before printing this e-mail
> > On 25-04-2022 14:51, Richard Purdie wrote:
> > > On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> > > > Recently GIT got updated with a security fix:
> > > > 
> > > > https://github.blog/2022-04-12-git-security-vulnerability-announced/
> > > > 
> > > > 
> > > > The problem is that this causes all "git" tasks that run within pseudo
> > > > (most noticably, image recipes) to fail. In many repositories, we use:
> > > > git rev-parse --verify HEAD > /etc/revision
> > > > 
> > > > Or something similar to that. After the GIT update, this now fails with
> > > > an error like:
> > > > 
> > > > '''
> > > > fatal: unsafe repository ('/home/mike/repository/path' is owned by
> > > > someone else)
> > > > To add an exception for this directory, call:
> > > > 
> > > >       git config --global --add safe.directory 
> > > > /home/mike/repository/path
> > > > '''
> > > > 
> > > > Apart from doing as it says, or even "git config --global --add
> > > > safe.directory '*'" anyone have a better idea, especially one that
> > > > prevents the system thinking I'm someone else (root in the case of 
> > > > pseudo).
> > > https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5 
> > > 
> > > 
> > > However this isn't quite enough as some things encode the path to git 
> > > into build
> > > files so the PATH change at do_install isn't enough. igt-gpu-tools via 
> > > meson in
> > > OE-Core is an example.
> > > 
> > > Cheers,
> > > 
> > > Richard
> > > 
> > Nice, also for general usefulness.
> > 
> > 
> > For our particular case, I came up with this (works in old OE versions 
> > as well), just inserting a task since both do_image and do_rootfs run 
> > under fakeroot:
> > 
> >   # We require access to the git repository here, so we must run outside 
> > fakeroot
> > do_swumetadata() {
> >     # Hardware revision for SWUpdate
> >     echo "${SWU_BOARD_HWREVISION}" > 
> > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
> >     v=`git rev-parse --verify HEAD`
> >     echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
> >     echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> > }
> > addtask do_swumetadata before do_image after do_rootfs
> > 
> 
> It looks like we have several breakages. I found yesterday that 
> buildinfo (image-buildinfo) does not work anymore.
> 
> meta-filesystems  = <unknown>:<unknown>
> 
> meta-networking   = <unknown>:<unknown>
> 
> meta-oe           = <unknown>:<unknown>
> 
> meta-perl         = <unknown>:<unknown>
> 
> meta-python       = <unknown>:<unknown>
> 
> meta-swupdate     = <unknown>:<unknown>
> 
> meta              = <unknown>:<unknown>
> 
> meta-poky         = <unknown>:<unknown>
> 
> meta-yocto-bsp    = <unknown>:<unknown>
> 
> 
> 
> And the reason is exactly this security update to git, and 
> base_get_metadata_git_revision / base_get_metadata_git_branch do not 
> work anymore (in this context, of course). So should we create 
> /etc/build in a task before do_rootfs ?
> 
> Bad is also that this affects older versions (dunfell for example), 
> because it depends on an external package (git) to OE.


https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8

is now the preferred fix and we will likely be backporting this to kirkstone,
honister and dunfell.

Cheers,

Richard

Re: [OE-core] Git and pseudo

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 5130 bytes --]

Hi,

Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
27/04/2022 à(s) 11:22:

> On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > Hi Mike, Richard,
> >
> > On 26.04.22 11:08, Mike Looijmans wrote:
> > >
> > > Met vriendelijke groet / kind regards,
> > >
> > > Mike Looijmans
> > > System Expert
> > >
> > >
> > > TOPIC Embedded Products B.V.
> > > Materiaalweg 4, 5681 RJ Best
> > > The Netherlands
> > >
> > > T: +31 (0) 499 33 69 69
> > > E: mike.looijmans@topicproducts.com
> > > W: www.topic.nl
> > >
> > > Please consider the environment before printing this e-mail
> > > On 25-04-2022 14:51, Richard Purdie wrote:
> > > > On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
> > > > > Recently GIT got updated with a security fix:
> > > > >
> > > > >
> https://github.blog/2022-04-12-git-security-vulnerability-announced/
> > > > >
> > > > >
> > > > > The problem is that this causes all "git" tasks that run within
> pseudo
> > > > > (most noticably, image recipes) to fail. In many repositories, we
> use:
> > > > > git rev-parse --verify HEAD > /etc/revision
> > > > >
> > > > > Or something similar to that. After the GIT update, this now fails
> with
> > > > > an error like:
> > > > >
> > > > > '''
> > > > > fatal: unsafe repository ('/home/mike/repository/path' is owned by
> > > > > someone else)
> > > > > To add an exception for this directory, call:
> > > > >
> > > > >       git config --global --add safe.directory
> > > > > /home/mike/repository/path
> > > > > '''
> > > > >
> > > > > Apart from doing as it says, or even "git config --global --add
> > > > > safe.directory '*'" anyone have a better idea, especially one that
> > > > > prevents the system thinking I'm someone else (root in the case of
> > > > > pseudo).
> > > >
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> > > >
> > > >
> > > > However this isn't quite enough as some things encode the path to
> git
> > > > into build
> > > > files so the PATH change at do_install isn't enough. igt-gpu-tools
> via
> > > > meson in
> > > > OE-Core is an example.
> > > >
> > > > Cheers,
> > > >
> > > > Richard
> > > >
> > > Nice, also for general usefulness.
> > >
> > >
> > > For our particular case, I came up with this (works in old OE versions
> > > as well), just inserting a task since both do_image and do_rootfs run
> > > under fakeroot:
> > >
> > >   # We require access to the git repository here, so we must run
> outside
> > > fakeroot
> > > do_swumetadata() {
> > >     # Hardware revision for SWUpdate
> > >     echo "${SWU_BOARD_HWREVISION}" >
> > > ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
> > >     v=`git rev-parse --verify HEAD`
> > >     echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
> > >     echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
> > > }
> > > addtask do_swumetadata before do_image after do_rootfs
> > >
> >
> > It looks like we have several breakages. I found yesterday that
> > buildinfo (image-buildinfo) does not work anymore.
> >
> > meta-filesystems  = <unknown>:<unknown>
> >
> > meta-networking   = <unknown>:<unknown>
> >
> > meta-oe           = <unknown>:<unknown>
> >
> > meta-perl         = <unknown>:<unknown>
> >
> > meta-python       = <unknown>:<unknown>
> >
> > meta-swupdate     = <unknown>:<unknown>
> >
> > meta              = <unknown>:<unknown>
> >
> > meta-poky         = <unknown>:<unknown>
> >
> > meta-yocto-bsp    = <unknown>:<unknown>
> >
> >
> >
> > And the reason is exactly this security update to git, and
> > base_get_metadata_git_revision / base_get_metadata_git_branch do not
> > work anymore (in this context, of course). So should we create
> > /etc/build in a task before do_rootfs ?
> >
> > Bad is also that this affects older versions (dunfell for example),
> > because it depends on an external package (git) to OE.
>
>
>
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8


The change that introduces the intercept script [1] Is partially reversed
with [2]
With this approach using the environment we don't need the intercept script
anymore or I am missing something?

[1]
https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
[2]
https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2

Jose


>
> is now the preferred fix and we will likely be backporting this to
> kirkstone,
> honister and dunfell.
>
> Cheers,
>
> Richard
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164911):
> https://lists.openembedded.org/g/openembedded-core/message/164911
> Mute This Topic: https://lists.openembedded.org/mt/90680045/5052612
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [
> quaresma.jose@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 8260 bytes --]

Re: [OE-core] Git and pseudo

[Stefano Babic]

On 27.04.22 12:22, Richard Purdie wrote:
> On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
>> Hi Mike, Richard,
>>
>> On 26.04.22 11:08, Mike Looijmans wrote:
>>>
>>> Met vriendelijke groet / kind regards,
>>>
>>> Mike Looijmans
>>> System Expert
>>>
>>>
>>> TOPIC Embedded Products B.V.
>>> Materiaalweg 4, 5681 RJ Best
>>> The Netherlands
>>>
>>> T: +31 (0) 499 33 69 69
>>> E: mike.looijmans@topicproducts.com
>>> W: www.topic.nl
>>>
>>> Please consider the environment before printing this e-mail
>>> On 25-04-2022 14:51, Richard Purdie wrote:
>>>> On Mon, 2022-04-25 at 09:40 +0200, Mike Looijmans wrote:
>>>>> Recently GIT got updated with a security fix:
>>>>>
>>>>> https://github.blog/2022-04-12-git-security-vulnerability-announced/
>>>>>
>>>>>
>>>>> The problem is that this causes all "git" tasks that run within pseudo
>>>>> (most noticably, image recipes) to fail. In many repositories, we use:
>>>>> git rev-parse --verify HEAD > /etc/revision
>>>>>
>>>>> Or something similar to that. After the GIT update, this now fails with
>>>>> an error like:
>>>>>
>>>>> '''
>>>>> fatal: unsafe repository ('/home/mike/repository/path' is owned by
>>>>> someone else)
>>>>> To add an exception for this directory, call:
>>>>>
>>>>>        git config --global --add safe.directory
>>>>> /home/mike/repository/path
>>>>> '''
>>>>>
>>>>> Apart from doing as it says, or even "git config --global --add
>>>>> safe.directory '*'" anyone have a better idea, especially one that
>>>>> prevents the system thinking I'm someone else (root in the case of
>>>>> pseudo).
>>>> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
>>>>
>>>>
>>>> However this isn't quite enough as some things encode the path to git
>>>> into build
>>>> files so the PATH change at do_install isn't enough. igt-gpu-tools via
>>>> meson in
>>>> OE-Core is an example.
>>>>
>>>> Cheers,
>>>>
>>>> Richard
>>>>
>>> Nice, also for general usefulness.
>>>
>>>
>>> For our particular case, I came up with this (works in old OE versions
>>> as well), just inserting a task since both do_image and do_rootfs run
>>> under fakeroot:
>>>
>>>    # We require access to the git repository here, so we must run outside
>>> fakeroot
>>> do_swumetadata() {
>>>      # Hardware revision for SWUpdate
>>>      echo "${SWU_BOARD_HWREVISION}" >
>>> ${IMAGE_ROOTFS}${sysconfdir}/hwrevision
>>>      v=`git rev-parse --verify HEAD`
>>>      echo $v > ${IMAGE_ROOTFS}${sysconfdir}/swrevision
>>>      echo $v > ${DEPLOY_DIR_IMAGE}/${IMAGE_BASENAME}.swrevision
>>> }
>>> addtask do_swumetadata before do_image after do_rootfs
>>>
>>
>> It looks like we have several breakages. I found yesterday that
>> buildinfo (image-buildinfo) does not work anymore.
>>
>> meta-filesystems  = <unknown>:<unknown>
>>
>> meta-networking   = <unknown>:<unknown>
>>
>> meta-oe           = <unknown>:<unknown>
>>
>> meta-perl         = <unknown>:<unknown>
>>
>> meta-python       = <unknown>:<unknown>
>>
>> meta-swupdate     = <unknown>:<unknown>
>>
>> meta              = <unknown>:<unknown>
>>
>> meta-poky         = <unknown>:<unknown>
>>
>> meta-yocto-bsp    = <unknown>:<unknown>
>>
>>
>>
>> And the reason is exactly this security update to git, and
>> base_get_metadata_git_revision / base_get_metadata_git_branch do not
>> work anymore (in this context, of course). So should we create
>> /etc/build in a task before do_rootfs ?
>>
>> Bad is also that this affects older versions (dunfell for example),
>> because it depends on an external package (git) to OE.
> 
> 
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
> 

Ok, understood, thanks !

> is now the preferred fix and we will likely be backporting this to kirkstone,
> honister and dunfell.

Thanks !

Stefano

> 
> Cheers,
> 
> Richard
> 
> 
> 
> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#164911): https://lists.openembedded.org/g/openembedded-core/message/164911
> Mute This Topic: https://lists.openembedded.org/mt/90680045/3618551
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [sbabic@denx.de]
> -=-=-=-=-=-=-=-=-=-=-=-
> 


-- 
=====================================================================
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: +49-8142-66989-53 Fax: +49-8142-66989-80 Email: sbabic@denx.de
=====================================================================

Re: [OE-core] Git and pseudo

[Richard Purdie]

On Wed, 2022-04-27 at 11:37 +0100, Jose Quaresma wrote:
> Hi,
> 
> Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
> 27/04/2022 à(s) 11:22:
> > On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > 
> > 
> > 
> > https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
> > 
> 
> 
> The change that introduces the intercept script [1] Is partially reversed with
> [2]
> With this approach using the environment we don't need the intercept script
> anymore or I am missing something?
> 
> [1]
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> [2]
> https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2

The devshell experience is better with the intercept as it means things like the
user's HOMEDIR is used for their gitconfig for things like user and email when
writing commits. I've therefore chosen to leave that in master. We may or may
not backport those pieces, I don't have any strong preference.

The other commit from Ross solves the major issue we care about build wide
outside devshell.

Cheers,

Richard

Re: [OE-core] Git and pseudo

[Jose Quaresma]

[-- Attachment #1: Type: text/plain, Size: 1570 bytes --]

Hi,

Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia quarta,
27/04/2022 à(s) 11:56:

> On Wed, 2022-04-27 at 11:37 +0100, Jose Quaresma wrote:
> > Hi,
> >
> > Richard Purdie <richard.purdie@linuxfoundation.org> escreveu no dia
> quarta,
> > 27/04/2022 à(s) 11:22:
> > > On Wed, 2022-04-27 at 08:47 +0200, Stefano Babic wrote:
> > >
> > >
> > >
> > >
> https://git.yoctoproject.org/poky/commit/?id=5bca57859b280f73b23247aac7dec6b05f48fde8
> > >
> >
> >
> > The change that introduces the intercept script [1] Is
> partially reversed with
> > [2]
> > With this approach using the environment we don't need the intercept
> script
> > anymore or I am missing something?
> >
> > [1]
> >
> https://git.yoctoproject.org/poky/commit/?id=21559199516a31c7635c5f2d874eaa4a92fff0e5
> > [2]
> >
> https://git.yoctoproject.org/poky/commit/?id=5546a868b52400ed1487b2ac7149f3a9e7293bd2
>
> The devshell experience is better with the intercept as it means things
> like the
> user's HOMEDIR is used for their gitconfig for things like user and email
> when
> writing commits. I've therefore chosen to leave that in master. We may or
> may
> not backport those pieces, I don't have any strong preference.
>

I agree that the intercept will improve the devshell user experience
and it was this part that was escaping me.

Thanks

Jose


> The other commit from Ross solves the major issue we care about build wide
> outside devshell.
>
> Cheers,
>
> Richard
>
>
>
>

-- 
Best regards,

José Quaresma

[-- Attachment #2: Type: text/html, Size: 2835 bytes --]