We're accessing a shared git repository via file paths, for various reasons I'll omit for now, created with --shared=group.
We have various unix groups but all share a common group. If I run a chgrp -R on the git repository everyone can read from it, but if someone writes to it more often than not new files are created which do not use the common group.
This problem appears to be because our primary group is not the shared one and if we run a newgrp all seems to work well.
There are issues with this approach though; newgrp is slow and it spawns a new shell, which makes me think calling it in a .bash_profile would be a bad idea, without even considering whether or not we'd want all our new files to use the common group. Relying on memory to run it before doing any git work seems like a recipe for disaster too though.
So... any suggestions?
You need to set the setgid bit on the group as well.
chgrp -R GROUP /path/to/repo
find /path/to/repo -type d -print0 | xargs -0 chmod g+s
An existing repository that has not been created with --shared
can be turned shared using following commands:
# make the repository shared
git config core.sharedRepository group # or whatever other sharing option
# fix the setgid bit
find . -type d | xargs chmod g+s
# repair the permissions
chmod -R g+r *
Is this a bare repo? If its a bare repo and you used --shared when you created it then this shouldn't be happening which is why I'm asking.
If it is a bare repo maybe some of the directories got changed to g-s, if that happened you need to either chmod g+x
all the directories only, make sure you don't do it to any files. An easier way than that might be to just git init --bare --shared=group
a new repo and push the content back to it from somebodies clone.
I had to use a combination from the above answers:
git config core.sharedRepository group
chgrp -R GROUP /path/to/repo
find /path/to/repo -type d -exec chmod g+rwxs {} \;
Once the bare repository has the shared=group
flag, git will take care of the rest, so the following has to be done only once. Also setgid
is deprecated for this use. Here I copy/paste my answer from serverfault:
Assuming repogroup
is your group, and you have cd
to the repo directory:
First change the shared flag to group
:
git config core.sharedRepository group
Note: here you must use the keyword group
, not the group name.
This is equivalent to creating the bare repository with option --shared=group
.
Then change the group for the whole repository:
chgrp -R repogroup .
To make sure that existing directories are group-writable (g+w
),
and existing executables also become group-executables (g+X
)
you also need to:
chmod -R g+wX .
Once you have done this, git will honor the shared=group
flag and take care of group permissions in the following, both for existing and new files, so you'll never need again to umask
or chgrp
.
I'll put the source in a comment if I find it back.