lib/commit: Don't chown objects to repo target owner

The idea is that if the process is running as root, it can change
ownership of newly written files to match the owner of the repo.
Unfortunately, it currently applies in the other direction, too - a
non-root user writing to a root owned repository. If the repo is
writable by the user but owned by root, it can still create files and
directories there, but it can't change ownership of them.

This feature comes from
https://bugzilla.gnome.org/show_bug.cgi?id=738954. As it turns out, this
feature was never completed. It only works on content objects and not
metadata objects, refs, deltas, summaries, etc. Rather than try to fix
all of those, remove the feature until someone has interest in
completing it.

Closes: #1754
Approved by: cgwalters

1 files changed, 1 insertions, 10 deletions

diff --git a/src/libostree/ostree-repo-commit.c b/src/libostree/ostree-repo-commit.c
index 9521dc6c..134024b8 100644
--- a/src/libostree/ostree-repo-commit.c
+++ b/src/libostree/ostree-repo-commit.c
@@ -245,16 +245,7 @@ commit_loose_regfile_object (OstreeRepo        *self,
                              GCancellable      *cancellable,
                              GError           **error)
 {
-  /* We may be writing as root to a non-root-owned repository; if so,
-   * automatically inherit the non-root ownership.
-   */
-  if (self->mode == OSTREE_REPO_MODE_ARCHIVE
-      && self->target_owner_uid != -1)
-    {
-      if (fchown (tmpf->fd, self->target_owner_uid, self->target_owner_gid) < 0)
-        return glnx_throw_errno_prefix (error, "fchown");
-    }
-  else if (self->mode == OSTREE_REPO_MODE_BARE)
+  if (self->mode == OSTREE_REPO_MODE_BARE)
     {
       if (TEMP_FAILURE_RETRY (fchown (tmpf->fd, uid, gid)) < 0)
         return glnx_throw_errno_prefix (error, "fchown");