Git Mailing List Archive on lore.kernel.org
 help / color / Atom feed
From: "SZEDER Gábor" <szeder.dev@gmail.com>
To: Patrick Steinhardt <ps@pks.im>
Cc: git@vger.kernel.org, "Junio C Hamano" <gitster@pobox.com>,
	"Jeff King" <peff@peff.net>,
	"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>,
	"Eric Sunshine" <sunshine@sunshineco.com>
Subject: Re: [PATCH v5 3/3] config: allow overriding of global and system configuration
Date: Wed, 21 Apr 2021 23:06:14 +0200
Message-ID: <20210421210614.GB2947267@szeder.dev> (raw)
In-Reply-To: <20210421204637.GA2947267@szeder.dev>

On Wed, Apr 21, 2021 at 10:46:37PM +0200, SZEDER Gábor wrote:
> On Mon, Apr 19, 2021 at 02:31:16PM +0200, Patrick Steinhardt wrote:
> > In order to have git run in a fully controlled environment without any
> > misconfiguration, it may be desirable for users or scripts to override
> > global- and system-level configuration files. We already have a way of
> > doing this, which is to unset both HOME and XDG_CONFIG_HOME environment
> > variables and to set `GIT_CONFIG_NOGLOBAL=true`. This is quite kludgy,
> > and unsetting the first two variables likely has an impact on other
> > executables spawned by such a script.
> > 
> > The obvious way to fix this would be to introduce `GIT_CONFIG_NOGLOBAL`
> > as an equivalent to `GIT_CONFIG_NOSYSTEM`. But in the past, it has
> > turned out that this design is inflexible: we cannot test system-level
> > parsing of the git configuration in our test harness because there is no
> > way to change its location, so all tests run with `GIT_CONFIG_NOSYSTEM`
> > set.
> > 
> > Instead of doing the same mistake with `GIT_CONFIG_NOGLOBAL`, introduce
> > two new variables `GIT_CONFIG_GLOBAL` and `GIT_CONFIG_SYSTEM`:
> > 
> >     - If unset, git continues to use the usual locations.
> > 
> >     - If set to a specific path, we skip reading the normal
> >       configuration files and instead take the path. By setting the path
> >       to `/dev/null`, no configuration will be loaded for the respective
> >       level.
> > 
> > This implements the usecase where we want to execute code in a sanitized
> > environment without any potential misconfigurations via `/dev/null`, but
> > is more flexible and allows for more usecases than simply adding
> > `GIT_CONFIG_NOGLOBAL`.
> 
> Something is still not right with this patch series, because:
> 
> > +test_expect_success 'write to overridden global and system config' '
> > +	cat >expect <<EOF &&
> > +[config]
> > +	key = value
> > +EOF
> > +
> > +	GIT_CONFIG_GLOBAL=write-to-global git config --global config.key value &&
> > +	test_cmp expect write-to-global &&
> > +
> > +	GIT_CONFIG_SYSTEM=write-to-system git config --system config.key value &&
> > +	test_cmp expect write-to-system
> > +'
> 
> This test fails on Travis CI's Linux32 job:
> 
>   expecting success of 1300.184 'write to overridden global and system config': 
>   	cat >expect <<EOF &&
>   [config]
>   	key = value
>   EOF
>   	GIT_CONFIG_GLOBAL=write-to-global git config --global config.key value &&
>   	test_cmp expect write-to-global &&
>   	GIT_CONFIG_SYSTEM=write-to-system git config --system config.key value &&
>   	test_cmp expect write-to-system
>   + cat
>   + GIT_CONFIG_GLOBAL=write-to-global git config --global config.key value
>   fatal: unable to access '/root/etc/gitconfig': Permission denied
>   error: last command exited with $?=128
>   not ok 184 - write to overridden global and system config

  https://travis-ci.org/github/git/git/jobs/767898817#L6931

> Yeah, that job has a weird environment with Docker and 'su'
> interacting in a way that ultimately builds Git with 'HOME=/root',
> which in our build system means that 'sysconfdir=/root/etc'.  To
> reproduce at home just run:
> 
>   make prefix=/root && cd t && ./t1300-config.sh -V -x -i

Hrm, that's not the only test that fails, but I only ran it with
'-i'...  but in fact most subsequent tests fail with the same error.

I think the culprit is the previous test case which I too eagerly
snipped from my previous email, so here it is again (copy-pasted,
whitespace-damaged):

> test_expect_success 'override global and system config' '
>         test_when_finished rm -f "$HOME"/.config/git &&
> 
>         cat >"$HOME"/.gitconfig <<-EOF &&
>         [home]
>                 config = true
>         EOF
>         mkdir -p "$HOME"/.config/git &&
>         cat >"$HOME"/.config/git/config <<-EOF &&
>         [xdg]
>                 config = true
>         EOF
>         cat >.git/config <<-EOF &&
>         [local]
>                 config = true
>         EOF
>         cat >custom-global-config <<-EOF &&
>         [global]
>                 config = true
>         EOF
>         cat >custom-system-config <<-EOF &&
>         [system]
>                 config = true
>         EOF
> 
>         cat >expect <<-EOF &&
>         global  xdg.config=true
>         global  home.config=true
>         local   local.config=true
>         EOF
>         git config --show-scope --list >output &&
>         test_cmp expect output &&
> 
>         sane_unset GIT_CONFIG_NOSYSTEM &&

Unsetting GIT_CONFIG_NOSYSTEM like this does affect the environment of
all subsequent tests and their git commands will then try to look at
the system config file.

Putting this 'sane_unset' and the rest of this test case in a subshell
seems to fix the issue.

>         cat >expect <<-EOF &&
>         system  system.config=true
>         global  global.config=true
>         local   local.config=true
>         EOF
>         GIT_CONFIG_SYSTEM=custom-system-config GIT_CONFIG_GLOBAL=custom-global-config \
>                 git config --show-scope --list >output &&
>         test_cmp expect output &&
> 
>         cat >expect <<-EOF &&
>         local   local.config=true
>         EOF
>         GIT_CONFIG_SYSTEM=/dev/null GIT_CONFIG_GLOBAL=/dev/null git config --show-scope --list >output &&
>         test_cmp expect output
> '



  reply index

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-08 14:17 [PATCH] config: Introduce GIT_CONFIG_NOGLOBAL Patrick Steinhardt
2021-04-08 16:44 ` Eric Sunshine
2021-04-08 17:25 ` Junio C Hamano
2021-04-08 23:18   ` Jeff King
2021-04-08 23:43     ` Junio C Hamano
2021-04-09  0:25       ` Jeff King
2021-04-08 23:34   ` Ævar Arnfjörð Bjarmason
2021-04-08 23:39   ` Ævar Arnfjörð Bjarmason
2021-04-08 23:30 ` Ævar Arnfjörð Bjarmason
2021-04-08 23:56   ` Junio C Hamano
2021-04-09 13:43 ` [PATCH v2 0/3] config: allow overriding global/system config Patrick Steinhardt
2021-04-09 13:43   ` [PATCH v2 1/3] config: rename `git_etc_config()` Patrick Steinhardt
2021-04-09 15:13     ` Jeff King
2021-04-09 13:43   ` [PATCH v2 2/3] config: unify code paths to get global config paths Patrick Steinhardt
2021-04-09 15:21     ` Jeff King
2021-04-09 13:43   ` [PATCH v2 3/3] config: allow overriding of global and system configuration Patrick Steinhardt
2021-04-09 15:38     ` Jeff King
2021-04-12 14:04       ` Patrick Steinhardt
2021-04-09 22:18     ` Junio C Hamano
2021-04-09 15:41   ` [PATCH v2 0/3] config: allow overriding global/system config Jeff King
2021-04-12 14:46   ` [PATCH v3 " Patrick Steinhardt
2021-04-12 14:46     ` [PATCH v3 1/3] config: rename `git_etc_config()` Patrick Steinhardt
2021-04-12 14:46     ` [PATCH v3 2/3] config: unify code paths to get global config paths Patrick Steinhardt
2021-04-12 14:46     ` [PATCH v3 3/3] config: allow overriding of global and system configuration Patrick Steinhardt
2021-04-12 17:04       ` Junio C Hamano
2021-04-13  7:11     ` [PATCH v4 0/3] config: allow overriding global/system config Patrick Steinhardt
2021-04-13  7:11       ` [PATCH v4 1/3] config: rename `git_etc_config()` Patrick Steinhardt
2021-04-13  7:25         ` Jeff King
2021-04-16 21:14         ` SZEDER Gábor
2021-04-17  8:44           ` Jeff King
2021-04-17 21:37             ` Junio C Hamano
2021-04-18  5:39               ` Jeff King
2021-04-19 11:03                 ` Patrick Steinhardt
2021-04-23  9:27                   ` Jeff King
2021-04-13  7:11       ` [PATCH v4 2/3] config: unify code paths to get global config paths Patrick Steinhardt
2021-04-13  7:11       ` [PATCH v4 3/3] config: allow overriding of global and system configuration Patrick Steinhardt
2021-04-13  7:33         ` Jeff King
2021-04-13  7:54           ` Patrick Steinhardt
2021-04-13  7:33       ` [PATCH v4 0/3] config: allow overriding global/system config Jeff King
2021-04-13 17:49       ` Junio C Hamano
2021-04-14  5:37         ` Patrick Steinhardt
2021-04-19 12:31       ` [PATCH v5 " Patrick Steinhardt
2021-04-19 12:31         ` [PATCH v5 1/3] config: rename `git_etc_config()` Patrick Steinhardt
2021-04-19 12:31         ` [PATCH v5 2/3] config: unify code paths to get global config paths Patrick Steinhardt
2021-04-19 12:31         ` [PATCH v5 3/3] config: allow overriding of global and system configuration Patrick Steinhardt
2021-04-21 20:46           ` SZEDER Gábor
2021-04-21 21:06             ` SZEDER Gábor [this message]
2021-04-22  5:36               ` Patrick Steinhardt
2021-04-23  5:47             ` [PATCH] t1300: fix unset of GIT_CONFIG_NOSYSTEM leaking into subsequent tests Patrick Steinhardt
2021-04-19 21:55         ` [PATCH v5 0/3] config: allow overriding global/system config Junio C Hamano
2021-04-23  9:32         ` Jeff King
2021-04-12 14:46 ` [PATCH v3] config: allow overriding of global and system configuration Patrick Steinhardt

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210421210614.GB2947267@szeder.dev \
    --to=szeder.dev@gmail.com \
    --cc=avarab@gmail.com \
    --cc=git@vger.kernel.org \
    --cc=gitster@pobox.com \
    --cc=peff@peff.net \
    --cc=ps@pks.im \
    --cc=sunshine@sunshineco.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Mailing List Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/git/0 git/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 git git/ https://lore.kernel.org/git \
		git@vger.kernel.org
	public-inbox-index git

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.git


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git