From 35da0e349c30cde375ec895784d8967833a9a4cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20K=C3=B6rber?= <hannes@hkoerber.de>
Date: Fri, 1 Jul 2022 20:03:36 +0200
Subject: [PATCH] Fix permission fix for dotfiles directory

---
 playbook.yml | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/playbook.yml b/playbook.yml
index d4e2d69..00908ab 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -834,8 +834,17 @@
 
     - name: fix permissions for dotfiles directory
       shell: |
-        chown --changes --recursive dotfiles:dotfiles /var/lib/dotfiles
-        chmod --changes --recursive g+wX /var/lib/dotfiles
+        # There is no sane way to specify the global .gitconfig to use, so we
+        # actually have to override HOME so git looks into ~/.gitconfig
+        export HOME="$(mktemp -d)"
+        set -o pipefail
+        set -o errexit
+        cd /var/lib/dotfiles
+        git config --global --add safe.directory /var/lib/dotfiles
+        git ls-tree -z --name-only HEAD | xargs --null chown --changes --recursive dotfiles:dotfiles
+        git ls-tree -z --name-only HEAD | xargs --null chmod --changes --recursive g+wX /var/lib/dotfiles
+      args:
+        executable: /bin/bash
       register: dotfiles_permission_change
       become: true
       become_user: root