14

For over a year, I've been having troubles with GIT and directory/file permissions. I have a central repository to which multiple developers push code, using ssh (origin set up as ssh://example/git/repository). I have set up the repository as follows:

1) My config file in the central repository:

    [core]
        repositoryformatversion = 0
        filemode = true
        bare = true
        sharedrepository = 0660

2) All repository directory permissions are set to 770 (rwxrwx---)
3) All files in ./objects/XX and ./objects/info are set to 440 (r--r-----)
4) All other files are set to 660 (rw-rw----)
5) Ownership is set to root:group_name

(Note that this came from the recommended setup in the top response in this thread: Making git push respect permissions?)

All accessing users are members of the group 'group_name'.

The problem is that if user1 pushes to the repository, the file ownership on some files is set to user1:user1 - meaning that the group is changed. Once this happens, no other users can push (or pull) from the repository, as they do not have permission to read, write or execute from required files in the repository anymore.

I have read every thread I can find regarding the matter on Stack Overflow and pretty much everywhere else on the net, but I keep running into this same issue.

The problem is, I'm not sure if this issue is one of GIT, or one of UNIX, and I'm not sure how to fix it. How can I stop the group from being changed when a user pushes to the repository?

Community
Shiro
  • How...are you pushing? What user permissions are you doing this with? – Makoto Apr 24 '13 at 04:25
  • Pushing using: git push. We are pushing through ssh. Each user is sshing into the server using their UNIX user account. For example, I am user shiro on the server. The login credentials I am using for SSH are for user shiro. User shiro is part of the group shirogroup. The ownership of the file is root:shirogroup. Does this answer your question? – Shiro Apr 24 '13 at 07:12
  • I have suphp on my server - is it possible that this is what is altering my file permissions, and not GIT? – Shiro Apr 24 '13 at 07:46

1 Answer

18

It looks like you changed to git config core.sharedRepository 0660 after initializing the repository rather than using git init --shared=0660 which should set the permissions up correctly. This means that the sgid bit won't be set on the git repository's directories correctly. You will have to fix this manually with something like (assuming GNU find and xargs):

find . -print0 | xargs -0 chgrp group_name

find . -type d -print0 | xargs -0 chmod g+s

Excerpt of git init --help for those confused about group vs. true vs. 0660:

   --shared[=(false|true|umask|group|all|world|everybody|0xxx)]
       Specify that the Git repository is to be shared amongst several users.
       This allows users belonging to the same group to push into that
       repository. When specified, the config variable
       "core.sharedRepository" is set so that files and directories under
       $GIT_DIR are created with the requested permissions. When not
       specified, Git will use permissions reported by umask(2).

       The option can have the following values, defaulting to group if no
       value is given:

       umask (or false)
           Use permissions reported by umask(2). The default, when --shared
           is not specified.

       group (or true)
           Make the repository group-writable, (and g+sx, since the git group
           may be not the primary group of all users). This is used to loosen
           the permissions of an otherwise safe umask(2) value. Note that the
           umask still applies to the other permission bits (e.g. if umask is
           0022, using group will not remove read privileges from other
           (non-group) users). See 0xxx for how to exactly specify the
           repository permissions.

       all (or world or everybody)
           Same as group, but make the repository readable by all users.

       0xxx
           0xxx is an octal number and each file will have mode 0xxx.  0xxx
           will override users' umask(2) value (and not only loosen
           permissions as group and all does).  0640 will create a repository
           which is group-readable, but not group-writable or accessible to
           others.  0660 will create a repo that is readable and writable to
           the current user and group, but inaccessible to others.
Bruno Bronosky
CB Bailey
  • You sir are a prince. You were correct that I changed core.sharedRepository after initializing the repository, and your fix did indeed work. I've been fighting with this at various times over the past year, so I'm very appreciative to finally have it working! – Shiro Apr 25 '13 at 06:13
  • This is all correct and useful, but to add on a bit: the group ownership of a file will be reset based on the directory group owner (when g+s is set) on a per-directory basis. This means you can have multiple group owners for different directories, as long as this is set up on a per-directory, per-repository basis (and all of the g+s are set). – dmansfield Mar 19 '15 at 18:04
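
An audit-then-repair version of the fix in the answer above, as an added example that is not part of the original answer or comments. The function names are hypothetical; it assumes a POSIX shell with find, chgrp and chmod, and that the caller is allowed to change the group (repository owner or root).

```shell
#!/bin/sh
# Added example: check a shared bare repository for the two conditions the
# answer repairs by hand, then repair only the paths that need it.

# List every path under repo $1 whose group is not $2, and every
# directory that is missing the setgid bit.
audit_shared_repo() {
    repo=$1 group=$2
    find "$repo" ! -group "$group" -print | sed 's/^/wrong-group: /'
    find "$repo" -type d ! -perm -2000 -print | sed 's/^/no-setgid:   /'
}

# Number of findings; 0 means new objects will keep the shared group.
count_problems() {
    audit_shared_repo "$1" "$2" | wc -l | tr -d ' '
}

# Same effect as the answer's chgrp / chmod g+s commands, limited to the
# paths the audit flags. chgrp runs first so the setgid bit is applied to
# directories that already carry the shared group.
fix_shared_repo() {
    repo=$1 group=$2
    find "$repo" ! -group "$group" -exec chgrp "$group" {} +
    find "$repo" -type d ! -perm -2000 -exec chmod g+s {} +
}

# Usage: sh audit.sh /path/to/repo.git group_name
if [ "$#" -eq 2 ]; then
    audit_shared_repo "$1" "$2"
fi
```

Running the audit from cron or a post-receive hook catches a directory that lost g+s before the next push fails for another user.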