Group permissions not respected

[holgi]

I ran into a strange behavior when trying to read a bare repo on my FreeBSD machine with pygit2:

Info:

• FreeBSD: 13.1
• libgit2-1.3.2
• pygit2: 1.10.0

> whoami 
www

> git init --bare testrepo.git
Initialized empty Git repository in /example/testrepo.git/

> chmod -R 770 testrepo.git 
> ls -lah
[...]
drwxrwx---  7 www   www      10B Jul 28 08:48 testrepo.git

> python3 -c "import pygit2;path = pygit2.discover_repository('testrepo.git');print(path);print(pygit2.Repository(path))"
/example/testrepo.git/
pygit2.Repository('/example/testrepo.git/')

> sudo chown -R git:www testrepo.git 
> ls -lah
[...]
drwxrwx---  7 git   www      10B Jul 28 08:48 testrepo.git

> python3 -c "import pygit2;path = pygit2.discover_repository('testrepo.git');print(path);print(pygit2.Repository(path))"
/example/testrepo.git/
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/example/.venv/lib/python3.9/site-packages/pygit2/repository.py", line 1620, in __init__
    path_backend = init_file_backend(path, flags)
_pygit2.GitError: Repository not found at testrepo.git

> sudo chmod -R 777 testrepo.git
> ls -lah
[...]
drwxrwxrwx  7 git   www      10B Jul 28 08:48 testrepo.git

> python3 -c "import pygit2;path = pygit2.discover_repository('testrepo.git');print(path);print(pygit2.Repository(path))"
/example/testrepo.git/
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/example/.venv/lib/python3.9/site-packages/pygit2/repository.py", line 1620, in __init__
    path_backend = init_file_backend(path, flags)
_pygit2.GitError: Repository not found at testrepo.git

It seems, like the repo can only be opened if the owner is also the user; the group permissions seem to be ignored.

I could confirm this behavior also on a Ubuntu machine:

• Ubuntu: 20.04
• libgit2-28
• pygit2: 1.10.0

I'm not quite sure if this is a problem of pygit2 or the underlying libgit2, or if I did something wrong…

[hramrach]

This sounds like a problem of not setting up the repository as 'safe'.

I do not remember exact versions.

• from some version git refuses to operate on repository that is writable by somebody other than the current user
• there is a 'safe' flag that can be configured in the global/system config to override this
• some combination of libgit/pygit versions do not have a separate error message for this situation and claim the repository does not exist
• with recent versions of libgit/pygit you should get a meaningful error saying something along the lines that the repository is not safe