From 475b81a67f4791eb85530e49846aa7f2eeec3f67 Mon Sep 17 00:00:00 2001
From: Ben Grande <ben.grande.b@gmail.com>
Date: Mon, 14 Oct 2024 17:05:14 +0200
Subject: [PATCH] fix: skip edit of files owned by system packages

Skipping the Git system configuration on Whonix weakens the state as it
starts depending on the dotfiles, but it is the only way to not break
system updates due to Whonix security-misc package owning the same file.

Fix: https://github.com/ben-grande/qusal/issues/101
---
 salt/dotfiles                   | 2 +-
 salt/sys-git/install-client.sls | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/salt/dotfiles b/salt/dotfiles
index f945709..7659897 160000
--- a/salt/dotfiles
+++ b/salt/dotfiles
@@ -1 +1 @@
-Subproject commit f9457092eaeddd4a21419620291a0cf1ab1bd277
+Subproject commit 7659897283297be0ee9e5e41943c05a8a925e688
diff --git a/salt/sys-git/install-client.sls b/salt/sys-git/install-client.sls
index bf6521b..4dd9f9c 100644
--- a/salt/sys-git/install-client.sls
+++ b/salt/sys-git/install-client.sls
@@ -50,7 +50,15 @@ include:
       - user
       - group
 
+{% if not salt['file.file_exists']('/usr/share/whonix/marker') -%}
+{#
+  Whonix's security-misc package owns /etc/gitconfig, fallback to Git dotfiles
+  to set this option.
+#}
+
 "{{ slsdotpath }}-install-client-allow-protocol":
   cmd.run:
     - name: git config --system protocol.qrexec.allow always
     - runas: root
+
+{% endif -%}