Error fatal: unsafe repository occurs when accessing a repository in Bitbucket Server
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
When accessing a repository, a 500 error is thrown with an error saying fatal: unsafe repository , such as the one below:
Environment
Bitbucket Server or Data Center version 7 or newer
Diagnosis
The logs show the following error:
1
"exited with code 128 saying: fatal: unsafe repository ('/var/atlassian/application-data/bitbucket/shared/data/repositories/ID' is owned by someone else) To add an exception for this directory, call: git config --global --add safe.directory /var/atlassian/application-data/bitbucket/shared/data/repositories/ID"Cause
There are several possible causes for this problem:
Cause 1
There is a recent git version released that has a security update that caused this issue and you might have installed this version of git on the machine(s) where Bitbucket Server is installed.
Cause 2
Bitbucket Server was installed to be running as a different user (e.g. atlbitbucket ) but was then started as a different user (such as root ), causing file system permissions to change. Alternatively, someone may have manually changed file system permissions.
Solution
Depending on the root cause, use one of these solutions to resolve the problem:
Solution 1
Downgrade or upgrade git to a version that is not affected by the issue.
Solution 2
Change the filesystem permission to give the user who Bitbucket Server is configured to run full control and permissions on the Bitbucket Server home directory. At the same time, double-check if the correct dedicated Bitbucket user owns the bitbucket data directory.
For Linux
You can do a recursive chown and chmod to give the Bitbucket Server user full access to the home directory recursively after stopping the application. In the example below atlbitbucket is the user that Bitbucket Server is running as replace this as appropriate.
1
2
$ cd /var/atlassian/application-data/bitbucket
$ chown -R atlbitbucket:atlbitbucket *Permissions may also be changed to read/write as well:
1
chmod -R 755 /var/atlassian/application-data/bitbucketFor Windows
Go to the BITBUCKET_HOME folder, right-click and select Properties, go to Security tab and ensure the dedicated Bitbucket user has all the checks enabled for the folder:
Double-check the directory owner it by clicking Advanced to confirm the owner of the folder:
Once done, start Bitbucket Server using the user you have granted permissions to. The How to View Detailed permissions for Bitbucket Server directory article has more detailed info about the issue.
Was this helpful?