How to use group file permissions correctly on a g

2020-02-08 04:00发布

站内问答 / 移动开发
963 5 4

We're accessing a shared git repository via file paths, for various reasons I'll omit for now, created with --shared=group.

We have various unix groups but all share a common group. If I run a chgrp -R on the git repository everyone can read from it, but if someone writes to it more often than not new files are created which do not use the common group.

This problem appears to be because our primary group is not the shared one and if we run a newgrp all seems to work well.

There are issues with this approach though; newgrp is slow and it spawns a new shell, which makes me think calling it in a .bash_profile would be a bad idea, without even considering whether or not we'd want all our new files to use the common group. Relying on memory to run it before doing any git work seems like a recipe for disaster too though.

So... any suggestions?

5条回答
可以哭但决不认输i
2楼-- · 2020-02-08 04:32

An existing repository that has not been created with --shared can be turned shared using following commands:

# make the repository shared
git config core.sharedRepository group # or whatever other sharing option
# fix the setgid bit
find . -type d | xargs chmod g+s
# repair the permissions
chmod -R g+r *
查看更多
0人赞 添加讨论(0) 举报
放我归山
3楼-- · 2020-02-08 04:37

I had to use a combination from the above answers:

git config core.sharedRepository group
chgrp -R GROUP /path/to/repo
find /path/to/repo -type d -exec chmod g+rwxs {} \;
查看更多
0人赞 添加讨论(0) 举报
聊天终结者
4楼-- · 2020-02-08 04:39

Is this a bare repo? If its a bare repo and you used --shared when you created it then this shouldn't be happening which is why I'm asking.

If it is a bare repo maybe some of the directories got changed to g-s, if that happened you need to either chmod g+x all the directories only, make sure you don't do it to any files. An easier way than that might be to just git init --bare --shared=group a new repo and push the content back to it from somebodies clone.

查看更多
0人赞 添加讨论(0) 举报
Explosion°爆炸
5楼-- · 2020-02-08 04:40

You need to set the setgid bit on the group as well.

chgrp -R GROUP /path/to/repo
find /path/to/repo -type d -print0 | xargs -0 chmod g+s
查看更多
0人赞 添加讨论(0) 举报
爱情/是我丢掉的垃圾
6楼-- · 2020-02-08 04:41

Once the bare repository has the shared=group flag, git will take care of the rest, so the following has to be done only once. Also setgid is deprecated for this use. Here I copy/paste my answer from serverfault:

Assuming repogroup is your group, and you have cd to the repo directory:

First change the shared flag to group: 

git config core.sharedRepository group

Note: here you must use the keyword group, not the group name. This is equivalent to creating the bare repository with option --shared=group.

Then change the group for the whole repository:

chgrp -R repogroup .

To make sure that existing directories are group-writable (g+w), and existing executables also become group-executables (g+X) you also need to:

chmod -R g+wX .

Once you have done this, git will honor the shared=group flag and take care of group permissions in the following, both for existing and new files, so you'll never need again to umask or chgrp.

I'll put the source in a comment if I find it back.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)