From: Taylor Blau <me@ttaylorr.com>
To: rsbecker@nexbridge.com
Cc: 'Junio C Hamano' <gitster@pobox.com>, git@vger.kernel.org
Subject: Re: [BUG] fatal: transport 'file' not allowed during submodule add
Date: Fri, 30 Dec 2022 16:04:06 -0500 [thread overview]
Message-ID: <Y69SRs9ifDPagOUo@nand.local> (raw)
In-Reply-To: <011201d91aca$a5db7800$f1926800$@nexbridge.com>
On Wed, Dec 28, 2022 at 09:42:39AM -0500, rsbecker@nexbridge.com wrote:
>
>
> >-----Original Message-----
> >From: Junio C Hamano <jch2355@gmail.com> On Behalf Of Junio C Hamano
> On December 27, 2022 10:34 PM, Junio C Hamano wrote:
> ><rsbecker@nexbridge.com> writes:
> >
> >> As of 2.39.0, I am now getting fatal: transport 'file' not allowed
> >> when performing a submodule add after a clone -l. The simple reproduce
> >> of this
> >> is:
> >> ...
> >> This happens for any submodule add on the same system. Some online
> >> research indicates that there was a security patch to git causing
> >> this, but I can't find it. This does not seem correct to me or how this
> improves
> >security.
> >> Help please - this is causing some of my workflows to break.
> >
> >Thanks for reporting, Randall.
> >
> >This suspiciously sounds like what a1d4f67c (transport: make
> `protocol.file.allow`
> >be "user" by default, 2022-07-29) is doing deliberately. Taylor, does this
> look like a
> >corner case the 2.30.6 updates forgot to consider?
>
> I have tried using 'git config --local protocol.file.allow always' and/or
> 'git config --local protocol.allow always' to get past this, without
> success.
I couldn't reproduce the symptom you described. Indeed, the behavior of
not allowing local-submodules to be cloned without explicitly opting in
via the `protocol.file.allow` configuration is intentional.
The patch Junio mentioned, a1d4f67c12 (transport: make
`protocol.file.allow` be "user" by default, 2022-07-29) has some
examples of why this behavior was changed in the 2.30.6 update.
If you run either `git config --global protocol.file.allow always`, or
replace your last submodule add with:
$ git -c protocol.file.allow=always submodule add /path/to/subsrc.git
it should work as expected.
Thanks,
Taylor
next prev parent reply other threads:[~2022-12-30 21:04 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-27 23:00 [BUG] fatal: transport 'file' not allowed during submodule add rsbecker
2022-12-28 3:34 ` Junio C Hamano
2022-12-28 14:42 ` rsbecker
2022-12-28 22:10 ` Jonathan Nieder
2022-12-28 22:25 ` rsbecker
2022-12-30 21:08 ` Taylor Blau
2022-12-30 21:48 ` rsbecker
2023-01-03 8:57 ` Jeff King
2022-12-30 21:04 ` Taylor Blau [this message]
2022-12-30 21:43 ` rsbecker
2022-12-30 23:16 ` rsbecker
2022-12-30 20:15 ` rsbecker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y69SRs9ifDPagOUo@nand.local \
--to=me@ttaylorr.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=rsbecker@nexbridge.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).