Best IT Recipes

How to configure an existing git repository to be used by a UNIX group

I have an existing git repository (bare) which until now was write-only. I want to open it for some UNIX user groups, foo, so that all foo members can click on it. I know that I can easily create a new git repo with:

git init --bare --shared=group repodir chgrp -R foo repodir

But I need an equivalent operation for an existing repo.

+71
git permissions share shared
Jul 13 '10 at 23:18
source share
5 answers

Try making an existing repository in repodir for users in the foo group:

 chgrp -R foo repodir # set the group chmod -R g+rw repodir # allow the group to read/write chmod g+s `find repodir -type d` # new files get group id of directory git init --bare --shared=all repodir # sets some important variables in repodir/config ("core.sharedRepository=2" and "receive.denyNonFastforwards=true")
+85
Jul 13 '10 at 23:34
source share

In the dir repo, run the following commands:

 git config core.sharedRepository group chgrp -R foo repodir chmod -R g+w repodir

Edit: In order to meet frequent confusion, group is the actual keyword, you should not replace this with the name of the group.

+34
Mar 02 '12 at 17:50
source share

By combining @David Underhill and @kixorz answers, I made my (final) decision.

It is intended for bare repositories and non-bare repositories. There are only slight differences between them, but in this way is clearer.

BARE REPOSITORY

 cd <repo.git>/ # Enter inside the git repo git config core.sharedRepository group # Update the git config chgrp -R <group-name> . # Change files and directories' group chmod -R g+w . # Change permissions chmod gw objects/pack/* # Git pack files should be immutable find -type d -exec chmod g+s {} + # New files get directory group id

Where:

  • <repo.git> is the public directory of the repository, usually on the server (for example, my_project.git/ ).
  • <group-name> is the group name for git users (e.g. users).


FREE REPOSITOR

 cd <project_dir>/ # Enter inside the project directory git config core.sharedRepository group # Update the git config chgrp -R <group-name> . # Change files and directories' group chmod -R g+w . # Change permissions chmod gw .git/objects/pack/* # Git pack files should be immutable find -type d -exec chmod g+s {} + # New files get directory group id

Where:

  • <project_dir> is the project directory containing the .git folder.
  • <group-name> is the group name for git users (e.g. users).
+29
Apr 15 '15 at 9:10
source share

This is probably not necessary, but it is worth noting that git init --bare --shared also sets the denyNonFastForwards option.

 git config receive.denyNonFastForwards true

The value of this parameter is as follows:

receive.denyNonFastForwards

If you reconfigure what you already clicked, and then try to click again, or else try to push a commit to a remote branch that does not contain a commit that the remote branch points to, you will be denied. This is usually a good policy; but in the case you can determine that you know what you are doing, and you can force-update the remote branch with the -f flag for your push command.

(from http://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration )

+2
Jan 19 '15 at 13:11
source share

In addition to the answers above allowing the group to read / write, you also need to add the user to the group (say, "foo").

 sudo usermod -a -G [groupname] [username]

Note: you will have to create a user first if it does not exist

0
Apr 18 '16 at 18:31
source share


More articles:


All Articles