make Git repository global writable
We have 3 people using a shared Git repo. We don't have sudo permission to create/change t开发者_开发百科he group. Since the machine is safe, we were asked to make the Git global writable(chmod +R o+rw *
). However we get this error from time to time.
error: insufficient permission for adding an object to repository database .git/ objects
This happens randomly. When some person pushes his code, I don't get this error.When another person pushes his code, I got this error again.
I have done git repo-config core.sharedRepository true
, but seems to only apply to groups
. How do I set Git to make new files global writable?
We just came across the same issue. Here's how we've tackled it, in addition to running
git repo-config core.sharedRepository true
.
Note: this was on an Ubuntu Linux server - you may need different commands on your OS but the approach should be broadly similar. Note that many of these commands will need to be run as root or under sudo
.
Step 1. Create a new, shared group
For example, developers. Add your developers to it.
groupadd developers
usermod -aG developers <username>
Step 2. Change group ownership of the existing repository
chgrp -R developers /path/to/repo
Also make the files group-writeable:
chmod -R g+w /path/to/repo
Step 3. Ensure that new directories get created with the group set to the new group name
In some *nix OSs (e.g. FreeBSD, OS X) the group of newly created files is inherited from the parent directory. On other OSs (e.g. Ubuntu) it's determined by the group of the creating process. In the latter case you can override that behaviour by setting the setgid flag on the parent directory. So one way to make sure that new directories created by e.g. git pull
have the same group as their parent is to periodically run something like this:
find /path/to/repo -type d -exec chmod g+s {} \;
(i.e. find all files under /path/to/repo of type directory and run chmod g+s on them to set the setgid flag.)
Another way you might approach this is by making developers the primary login group for all developers:
usermod -g developers <username>
(Note that this may result in a user no longer being a member of their previous primary login group, typically the group with the same name as the username. Use usermod -aG old_group usernanme
to restore that membership.)
Using usermod -g developers
means that when a user creates new files they will be default be owned by user:username, group:developers. However, new files will typically be created so that they're only user-writeable, not group-writeable. (i.e. if you run touch foo; ls -l foo
you'll see the permissions mask as -rw-r--r--
.) To have new files you create be group-writeable by default, add umask 0002
to the end of your .profile
or .bash_profile
file.
echo umask 0002 >> ~/.profile
Phew! Hope this helps. I'm sure this process isn't perfect and it's definitely not a one-size-fits-all, but hopefully it'll give you some pointers. I've made it a community wiki so that others can add to it.
This is an ugly solution, but it seems to work. It is based on the post-receive hook, which is used to set permissions on all files in the repository after each push to the repository.
mkdir sharedrepo
cd sharedrepo
git init --bare
echo "chmod -f -R a+rw ." >> hooks/post-receive
chmod a+x hooks/post-receive
cd ..
chmod -R a+rw sharedrepo
Put all the developers into a group (say developers
), and run chgrp -R developers myrepo-on-the-server/
.
精彩评论