Menu
Have need to prevent root from updating a git (working) directory. Reasoning includes but not limited to: preventing undersired file-system ownership changes.
None of the git hooks seem to prevent a fetch/merge/pull before it happens, similar to pre-commit hook. Or at least, nothing I see here (or in man page): http://www.analysisandsolutions.com/code/git-hooks-summary-cheat-sheet.htm
Thoughts?
496
Change the current working directory to your local project. List your existing remotes in order to get the name of the remote you want to change. Change your remote's URL from HTTPS to SSH with the git remote set-url command. Verify that the remote URL has changed.
Git Tracks ONLY the Executable Bit of the Permissions for the User Who Owns the File.
The hooks are all stored in the hooks subdirectory of the Git directory. In most projects, that's . git/hooks .
The only way I saw this not resolved but at least "mitigated" was through a wrapper for the git command:
All git commands go through this wrapper which proceeds if the user id is not root.
103
Change /root/.bashrc to add a new directory to the beginning of the PATH. Add a shell script there called git that tests $1 to be one of a few read-only commands (show/status/log/rev-list etc) and calls /usr/bin/git "$@" if the command is acceptable. This will prevent anybody on your team from accidentally running git pull as root. If you are worried about them doing it deliberately, you have bigger problems...
40
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
