Permissions are a pest.
Basically, you need to make sure that all of those developers can write to everything in the git repo.
Skip down to The New-Wave Solution for the superior method of granting a group of developers write capability.
The Standard Solution
If you put all the developers in a specially-created group, you can, in principle, just do:
chgrp -R <whatever group> gitrepo
chmod -R g+swX gitrepo
Then change the umask
for the users to 002
, so that new files get created with group-writable permissions.
The problems with this are legion; if you’re on a distro that assumes a umask
of 022
(such as having a common users
group that includes everyone by default), this can open up security problems elsewhere. And sooner or later, something is going to screw up your carefully crafted permissions scheme, putting the repo out of action until you get root
access and fix it up (i.e., re-running the above commands).
The New-Wave Solution
A superior solution—though less well understood, and which requires a bit more OS/tool support—is to use POSIX extended attributes. I’ve only come to this area fairly recently, so my knowledge here isn’t as hot as it could be. But basically, an extended ACL is the ability to set permissions on more than just the 3 default slots (user/group/other).
So once again, create your group, then run:
setfacl -R -m g:<whatever group>:rwX gitrepo
find gitrepo -type d | xargs setfacl -R -m d:g:<whatever group>:rwX
This sets up the extended ACL for the group so that the group members can read/write/access whatever files are already there (the first line); then, also tell all existing directories that new files should have this same ACL applied (the second line).
Hope that gets you on your way.
First of all, you need to check your openssh setup on Ubuntu server: see this HowTo.
Then you can follow this article, which mainly recommend:
$ sudo apt-get install python-setuptools
$ mkdir ~/src
$ cd ~/src
$ git clone git://eagain.net/gitosis.git
$ cd gitosis
$ sudo python setup.py install
$ sudo adduser \
--system \
--shell /bin/sh \
--gecos 'git version control' \
--group
--disabled-password \
--home /home/git \
git
go into your /etc/ssh/ssh_config
file and add git to the list of Allowed Users that can login.
copy your id_rsa.pub
file over to your server somewhere (in our example we're using /tmp
) and then run this command:
$ sudo -H -u git gitosis-init < /tmp/id_rsa.pub
Initialized empty Git repository in ./
$ sudo chmod 755 /home/git/repositories/gitosis-admin.git/hooks/post-update
From your local machine, test it out with this:
git clone git@YOUR_SERVER:gitosis-admin.git
Configure gitosis for a new project. Use your favorite editor to create a new block under the gitosis one. It should look like this:
[group myrailsapp]
members = myNameAsInTheRsa.pub
writable = myNewApp
A couple of things to watch out in the above block.
First, make sure your name matches what's in your public key (that is, open your id_rsa.pub file and see that what the name says.
Second, make sure you spell writable correctly!
Once you're done, commit and push the changes up to the server.
$ git commit -a -m "created a new repository!"
$ git push
Best Answer
I think the only way to do what you want is to maintain an updated git tree locally (though I could be wrong, and someone will correct me if I am).
What you're doing with SVN is really a hack -- If you were using svnserve instead of SVN-over-HTTP/DAV I don't believe you'd be able to do what you're doing. It just happens that the confluence of software you're using for SVN makes this possible.
The closest analog I can come up with would be an automatically-updating git repository in a directory accessible over HTTP, and that's a pretty hideous solution.