Menu
We're accessing a shared git repository via file paths, for various reasons I'll omit for now, created with --shared=group.
We have various unix groups but all share a common group. If I run a chgrp -R on the git repository everyone can read from it, but if someone writes to it more often than not new files are created which do not use the common group.
This problem appears to be because our primary group is not the shared one and if we run a newgrp all seems to work well.
There are issues with this approach though; newgrp is slow and it spawns a new shell, which makes me think calling it in a .bash_profile would be a bad idea, without even considering whether or not we'd want all our new files to use the common group. Relying on memory to run it before doing any git work seems like a recipe for disaster too though.
So... any suggestions?
545
Open Project settings>Repositories. To set the permissions for all Git repositories, choose Security. For example, here we choose (1) Project settings, (2) Repositories, and then (3) Security. Otherwise, to set permissions for a specific repository, choose (1) the repository and then choose (2) Security.
Directories should have 755 permission; files should have 644 permission. That's a pretty good rule of thumb unless you expect members of your group to make changes to your repository. Having said that, in one of my repositories, the files under . git/objects/* have 444 (readonly) permission for everyone.
Git Tracks ONLY the Executable Bit of the Permissions for the User Who Owns the File.
Permissions of 644 mean that the owner of the file has read and write access, while the group members and other users on the system only have read access. For executable files, the equivalent settings would be 700 and 755 which correspond to 600 and 644 except with execution permission.
You need to set the setgid bit on the group as well.
chgrp -R GROUP /path/to/repo find /path/to/repo -type d -print0 | xargs -0 chmod g+s
35
An existing repository that has not been created with --shared can be turned shared using following commands:
# make the repository shared git config core.sharedRepository group # or whatever other sharing option # fix the setgid bit find . -type d | xargs chmod g+s # repair the permissions chmod -R g+r * Is this a bare repo? If its a bare repo and you used --shared when you created it then this shouldn't be happening which is why I'm asking.
If it is a bare repo maybe some of the directories got changed to g-s, if that happened you need to either chmod g+x all the directories only, make sure you don't do it to any files. An easier way than that might be to just git init --bare --shared=group a new repo and push the content back to it from somebodies clone.
44
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
