From 09a4ec6ec31e0ed6da9baf8e66434f369dbbfc37 Mon Sep 17 00:00:00 2001
From: Ben Grande <ben.grande.b@gmail.com>
Date: Mon, 14 Oct 2024 17:05:14 +0200
Subject: [PATCH] fix: skip edit of files owned by system packages

Skipping the Git system configuration on Whonix weakens the state as it
starts depending on the dotfiles, but it is the only way to not break
system updates due to Whonix security-misc package owning the same file.

Fix: https://github.com/ben-grande/qusal/issues/101
---
 salt/dotfiles                   | 2 +-
 salt/sys-git/install-client.sls | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/salt/dotfiles b/salt/dotfiles
index f945709..7659897 160000
--- a/salt/dotfiles
+++ b/salt/dotfiles
@@ -1 +1 @@
-Subproject commit f9457092eaeddd4a21419620291a0cf1ab1bd277
+Subproject commit 7659897283297be0ee9e5e41943c05a8a925e688
diff --git a/salt/sys-git/install-client.sls b/salt/sys-git/install-client.sls
index bf6521b..e6d7643 100644
--- a/salt/sys-git/install-client.sls
+++ b/salt/sys-git/install-client.sls
@@ -50,7 +50,13 @@ include:
       - user
       - group
 
+{% if not salt['file.file_exists']('/usr/share/whonix/marker') -%}
+{# Whonix's security-misc package owns /etc/gitconfig, fallback to Git dotfiles
+   to set this option. #}
+
 "{{ slsdotpath }}-install-client-allow-protocol":
   cmd.run:
     - name: git config --system protocol.qrexec.allow always
     - runas: root
+
+{% endif -%}