246

I mounted a new hdd in my linux workstation. It looks working well. I want to download some repo in the new disk. So I execute git clone XXX, and it works well. But when I cd in the folder, and execute git submodule update --init --recursive. It failed with

fatal: detected dubious ownership in repository at '/media/data/users/jhu3szh/serialize'
To add an exception for this directory, call:

git config --global --add safe.directory /media/data/users/jhu3szh/serialize

I thought maybe it's just a slight warning, so I just executed git config --global --add safe.directory /media/data/users/jhu3szh/serialize. However, when I execute the git submodule again, more similar errors came out. There are many submodules in repo.

Can someone give me some explanation of what happened?

starball
  • 20,030
  • 7
  • 43
  • 238
Huihua Jiang
  • 2,561
  • 2
  • 4
  • 9
  • 2
    Are you sure you have the proper permissions in the directory? Other posts regarding a similar problem suggest that it may be due to lacking permissions. – Nox Jul 14 '22 at 09:50
  • @Nox, Well, I tried execute 'chmod -R 777 .' in the parent folder. It still didn't work. Besides, I just tested touching a file and write something in it is OK. – Huihua Jiang Jul 14 '22 at 10:07
  • 2
    It's not a question of the *modes* of files in the repository (though you should definitely *not* set them to 0777 in most cases, so you might want to undo your `chmod` if you can; unfortunately without restoring from backup, that's generally difficult). The complaint instead has to do with *ownership*, i.e., the user-ID who owns each of the various directories. – torek Jul 14 '22 at 12:21
  • 3
    You can either ensure that all repositories are owned by the correct owner-ID (by not running *anything* with `sudo` if at all possible), or bypass the security (but if you do that, you're taking some level of risk as shown by the CVE's existence). To fix the ownership of existing repositories, use `chown` to change their ownership to the correct owner. Of course this requires the use of `sudo`—but at least you can use it just once, to fix this condition, and then stop using it... – torek Jul 14 '22 at 12:22
  • 3
    To completely bypass the security, add `*` as a "safe" directory (note that this requires a Git version that supports `*`; 2..36 or later does, for instance). – torek Jul 14 '22 at 12:25
  • @HuihuaJiang Did you solve this problem? – SENGFAI Jul 15 '22 at 10:40
  • 1
    @Koithé, not yet – Huihua Jiang Jul 18 '22 at 01:41
  • You can also sudo to the username which owns the git directory (if you have more to do in there). e.g. "sudo su -l rancid -s /bin/bash" (if you're trying to pull an old version of the config out of RANCiD for example) – ericx Jul 21 '22 at 18:46
  • In my case ownership was the issue. I think if we copy and paste, the new folder (renaming it to required name)should have ownership and we can easily sort the issue. – tanni tanna Oct 20 '22 at 13:22
  • use : sudo git add . – Abdullah Tahan Feb 05 '23 at 17:20

25 Answers25

293

Silence all safe.directory warnings

tl;dr

Silence all warnings related to git's safe.directory system. Be sure to understand what you're doing.

git config --global --add safe.directory '*'

Long version

Adapted from this post on I cannot add the parent directory to safe.directory in Git.

I had the same issue and resolved it by disabling safe directory checks, which will end all the "unsafe repository" errors.

This can be done by running the following command1:

git config --global --add safe.directory '*'

Which will add the following setting to your global .gitconfig file:

[safe]
    directory = *

Before disabling, make sure you understand this security measure, and why it exists. You should not do this if your repositories are stored on a shared drive.

However, if you are the sole user of your machine 100% of the time, and your repositories are stored locally, then disabling this check should, theoretically, pose no increased risk.

Also note that you can't currently combine this with a file path, which would be relevant in my case. The command doesn't interpret the wildcard * as an operator per se – it just takes the "*" argument to mean "disable safe repository checks/ consider all repositories as safe".

1 - If this fails in your particular terminal program in Windows, try surrounding the wildcard with double quotes instead of single (Via this GitHub issue):
git config --global --add safe.directory "*"

Petter Hesselberg
  • 5,062
  • 2
  • 24
  • 42
Stiin
  • 3,073
  • 1
  • 8
  • 12
94

I got same issue and fixed by changing owner for directory. Please try

chown -R <current_user> <repo_folder>
ggorlen
  • 44,755
  • 7
  • 76
  • 106
Prakash Sahoo
  • 941
  • 2
  • 3
  • 1
    Could we set the user running the ansible module instead ? – Loenix Sep 03 '22 at 09:54
  • I thought about this but I am using a Linux development machine which has a single specific user that needs to own the files and I add myself to that group... I suppose i could log into that account or `su` into it ... I do wish there was a way I could add the extra user as safe and not the file system... – CrandellWS Oct 23 '22 at 23:43
  • `-R` descends directories `recursively`, changing the ownership for each file. – Rokit Aug 08 '23 at 19:31
34

If same problem occurs on NTFS/Windows, make sure both parent of .git and .git folders are owned by exact user you run git from.

Just same group (Administrators) or only parent of .git may not work.

Upd: Permissions can be edited via right-click on the folder(s) → Properties → Security Tab → Advanced (bottom right of the window) → Owner.
Possibly disabling inheritance will be required, done in same window. This q/a have hints.

User you run git from can be checked in Resource Monitor: Task Manager → Performance → Open Resource Monitor (on bottom). May require enabling hidden "User Name" column.

halt9k
  • 527
  • 4
  • 13
  • This worked but it's not clear how to find the username. Inside the Resource Monitor I added the User Name column under processor/CPU (not sure what term is used in English versions of Windows). Furthermore you need to know what to look for. I noticed that a lot of processes were running from my Windows username, so I tried that name. Now when changing owner I typed that username in the text field and then pressed the "Check username" button, and the username was appended to the computer name such as MyComputer\MyUsername. Doing this on project folder and .git folder solved the problem. – Robin Manoli Oct 01 '22 at 07:23
  • to find a current user name in windows use command 'set username' (in command prompt, with out ') – tanni tanna Oct 02 '22 at 14:56
  • What was supposed here - user of git.exe process or if git is used from other wrapper like MSVS or SourceTree (and not running), then user of such wrapper process. – halt9k Oct 03 '22 at 15:46
  • In Windows Explorer, View tab > Show/hide > Show Hidden items – Michael Blake Oct 14 '22 at 11:21
  • I had this problem because I ran my command prompt as an Administrator. So, every "git clone" I did from the command line created the folder with the owner being the 'Administrators Group'. When I tried to do any activities using a GUI application (which were launched from my account context) I would get this error. Very annoying. – Brian Colavito Feb 22 '23 at 17:33
  • W10 & this worked for me! I had to go to my user dir (c:\users\cmeza) & change the owner to me with properties dialog & setting recursive, but it looks like @KleytonRoan's answer would work as well. – cmeza Mar 01 '23 at 20:07
21

If the OS is Windows, you have to take the owner of the file with the command

takeown /F <dir/*> /R

/F parameter is the file, with the * wildchar will apply to all files and folder;

/R parameter means recursive, it applies the owner to the current logged user to all files and subfolders too

<dir/*> is the directory to take ownership of.

idbrii
  • 10,975
  • 5
  • 66
  • 107
Kleyton Roan
  • 211
  • 1
  • 2
9

Make sure you are using the correct terminal user. For me I had temporarily changed to the root user which would have caused issues. Changed back to standard user with su git-user and error went away.

harri
  • 494
  • 11
  • 26
  • 1
    Same with windows. Was running from cmd as Administrator in the begining, then accidentally run cmd as user and got that error – Vit Nov 20 '22 at 16:20
9

I ran below command on git bash to solve it

git config --global --add safe.directory C:/User/username/source/myproject

Close and reopen VS Code if required.

R15
  • 13,982
  • 14
  • 97
  • 173
7

Create a new directory on your disk where your current user is the owner of this new directory. In this new directory clone your git repo.

Centillion
  • 321
  • 3
  • 7
6

I've got the same error message on Ubuntu/LEMP when executed git's commands from PHP. Nothing suggested above helped to fix problem.

Solution: You need to set correct owner of the hidden '.git' folder.

In my case git comands was executed by 'www-data' user (which is a web-server user):

sudo chown www-data:<current_user> -R .git

To restore ability to work with git from command line you need to allow group to write:

sudo chmod g+w -R .git
VladSavitsky
  • 523
  • 5
  • 13
3

It seems that two folders are being checked by git: the .git folder and the folder containing it. Both must be owned by the current user. The other folders and files of the folder containing the .git folder can be owned by other users if there is a need. Therefore

  1. Check the current user, e.g. run whoami
  2. Check the owner of the .git folder, e.g. run ls -al .git
  3. Evaluate the impact of changing the ownership of the .git folder if it is not the current user. If you want to also change the group, you might want to check what groups a user is in, e.g. running id -Gn username or groups username
  4. Update the owner of the git repository if it is safe by running sudo chown current_user:appropriate_group .git with the appropriate current_user and appropriate_group, e.g. run sudo chown ubuntu:ubuntu .git
  5. Check the owner of the folder containing the .git folder, e.g. run ls -al ./
  6. Evaluate the impact of changing the ownership of that folder if it is not the current user. If you want to also change the group, you might want to check what groups a user is in, e.g. running id -Gn username or groups username
  7. Update the ownership of that folder by running sudo chown current_user:appropriate_group ./ with the appropriate current_user and appropriate_group, e.g. run sudo chown ubuntu:ubuntu ./

Ensure that if you do change the owner of the folder containing the .git folder that permissions are still setup to work as you prefer, i.e. whether the previous owner retains the same read, write and execute permissions with the current group and everyone permissions. If they have lost permissions, either consider adjusting the group or other or revert the folder ownership change and use the git config --global --add safe.directory path/to/respository solution instead.

WhiteKnight
  • 4,938
  • 5
  • 37
  • 41
2

It should be possible to restore the ownership. For example:

sudo chown -v "$( id -u; ):$( id -g; )" .;
sudo chown -v "$( id -u; ):$( id -g; )" -R .git;
find '.git' -type d -exec chmod -v 775 {} \;;
find '.git/objects' -type f -exec chmod -v 444 {} \;;
find '.git/hooks' -mindepth 1 -maxdepth 1 -type f -exec chmod -v 775 {} \;;
find '.git' -type f ! -path '.git/objects/*' ! -path '.git/hooks/*' -exec chmod -v 664 {} \;;

Related: ensure_valid_ownership()

Artfaith
  • 1,183
  • 4
  • 19
  • 29
0

I had the problem with a library from the vendor folder. I just deleted the folder of the library and reinstall it.

Alin Pop
  • 317
  • 2
  • 8
0

For anyone having this problem in phabricator here is the solution that worked for me.

Background: Phabricator was working fine for me until this happened. When I open any repository to get the clone URL it throws me this error:

fatal: detected dubious ownership in repository at '/var/repo/3'

Solution: I checked the permissions and ownership of dir /var/repo which was my current user. Phabricator web-server executes the commands using user "www-data". I then changed the ownership of the "/var/repo" dir to the following:

sudo chown www-data:ubuntu -R repo/

After that it worked fine.

PalFS
  • 731
  • 6
  • 16
0

If the command you are running already failed once or there was a previous version of the package in the install folder, try removing the corresponding package's folder before trying again or look for further solutions. Here, jhu3szh/serialize for example if it corresponds to your package name.

Williem
  • 1,131
  • 1
  • 12
  • 19
0

Encountered fatal: detected dubious ownership in repository at using Fork client on Windows against repository in WSL. Solution was to open git console inside Fork (pointing at git windows client used by Fork) and execute:

git config --global --add safe.directory '%(prefix)///wsl$/Ubuntu-22.04/home/username/code/my-repo-name'

Running command inside WSL simply not worked as it changes .gitconfig inside the WSL.

klapshin
  • 761
  • 8
  • 14
0

This error is raised when you make an attempt to git initialize (and then run any other git command) a folder that is not child of /home/my_user/.

In your case, the folder is serialize, which is under /media/... .

You can stop the alert form being raised by just moving the folder under /home/my_user/ .

Otherwise, you can also change the owner of my_project_folder , as @Prakash Sahoo suggests.

Tms91
  • 3,456
  • 6
  • 40
  • 74
0

If you are lost, git clone the file with different usernames, for example try with sudo git clone, this gives ownership to root, if you choose instead just git clone... then the ownership goes to the current username...one of them should work, likely you are mixing them up and you need to type sudo git branch -a to avoid this error.

stats con chris
  • 178
  • 1
  • 10
0

Happened to me after upgrading JetBrains Rider code editor. Before the upgrade Rider was launched by a shortcut as Administrator. Upgrade removed the shortcut's config of "Run as Admin" which caused Rider's Terminal to start giving me this git error. Running the application (Rider) as Admin again solved the git issue.

izy
  • 1,085
  • 14
  • 18
0

In Ubuntu, I ran the following command and then my problem was solved:

git config --global --add safe.directory /opt/lampp/htdocs/MyPROJECT
Ali Yazdanifar
  • 372
  • 4
  • 12
0

I had the same problem in when with windows I used the solution provided by Kaustubh Navale up in the answers and it worked for me. I just run this and the problem was solved git config --global safe.directory '*'

Gloria Busungu
  • 31
  • 2
0

If you clone a repo with a given user and then try to pull changes with a different user, the error arises. Change the user to the user you cloned the repo with, like this:

su <user>

The proceed, for instance,

git pull
cmucheru
  • 1
  • 2
  • Thank you for your interest in contributing to the Stack Overflow community. This question already has quite a few answers—including one that has been extensively validated by the community. Are you certain your approach hasn’t been given previously? **If so, it would be useful to explain how your approach is different, under what circumstances your approach might be preferred, and/or why you think the previous answers aren’t sufficient.** Can you kindly [edit] your answer to offer an explanation? – Jeremy Caney Aug 26 '23 at 23:26
-1

Open git bash in your project Location and run below command for Windows OS for bypass security.

git config --global safe.directory '*'

Kaustubh Navale
  • 17
  • 1
-1

For me the solution was to run console (or SourceTree in this case) as admin.

Alex Peter
  • 1
-3

Just do your command from sudo rights like : sudo git clone XXX

Alexandergoldberg
  • 1
-4

My problem was that I was not running as sudo. I usually set at the beginning sudo bash and do not think about sudo command. So it made me a lot of headache before I realized that I skipped my common step.

elano7
  • 1,584
  • 1
  • 18
  • 18
  • Running everything as super user is like cleaning everything with nuclear bomb :) It works, but... – LordMsz Dec 31 '22 at 13:49
-9

Just run using sudo : sudo git status

Ashish Saini
  • 190
  • 3
  • 11
  • 3
    While this silences the warning, it fails to actually solve the underlying issue, and is not a good idea in the long term. Plus, not everybody can use sudo. – joanis Aug 24 '22 at 17:50
  • @joanis Okay, thanks for highlighting my mistake. i would request you to explain us the real RCA of this issue so we can understand this problem better. Thank you – Ashish Saini Aug 31 '22 at 10:53
  • These messages are always about file and directory ownership. There are good answers above addressing the underlying issue. – joanis Aug 31 '22 at 12:44