Linux – Permission error with git on linux with bare shared repo

I've got a bare central repo that has this option turned on:

git config core.sharedRepository true

For some reason, the other users on this CentOS machine that pulls/pushes from the central repo always encounter a permission error when pushing onto a branch that someone already pushed.

I looked into the objects dir and realized that whoever pushed first gets their username set as the owner AND the group.

I've set it up so that the users all belong under a "developers" group and then chgrp -R the bare repo to be under the group ownership of "developers", but this has not fixed the issue yet.

Any other suggestions?

MORE INFO:

This is what happens when I push:

[dave@localhost wd]$ git push
Counting objects: 5, done.
Compressing objects: 100% (2/2), done.
error: insufficient permission for adding an object to repository database ./objects

fatal: failed to write object
error: pack-objects died of signal 13
error: failed to push some refs to '/gitrepos/repo.git'

As you can see, the permissions inside the objects folder on the bare central repo have dirs with different permissions that belong to another user, jane (the list has been shortened for readability):

[dave@localhost objects]$ ls -la
total 248
drwxrwxr-x 62 root   developers 4096 Dec 13 15:37 .
drwxrwxr-x  9 root   developers 4096 Dec 13 15:34 ..
drwxrwxr-x  2 root   developers 4096 Dec 12 16:05 01
drwxrwxr-x  2 root   developers 4096 Dec 12 16:05 2f
drwxrwsr-x  2 jane   jane       4096 Dec 13 15:37 30
drwxrwxr-x  2 root   developers 4096 Dec 12 16:19 33
drwxrwxr-x  2 root   developers 4096 Dec 12 16:05 39
drwxrwxr-x  2 root   developers 4096 Dec 12 16:19 6c
drwxrwxr-x  2 root   developers 4096 Dec 12 16:05 89
drwxrwsr-x  2 jane   jane       4096 Dec 13 15:37 8b
drwxrwxr-x  2 root   developers 4096 Dec 13 05:41 8e
drwxrwxr-x  2 root   developers 4096 Dec 12 16:19 90
drwxrwxr-x  2 root   developers 4096 Dec 12 14:32 info
drwxrwxr-x  2 root   developers 4096 Dec 12 14:32 pack

Best Answer

You either need to make sure that the users are using 002 as their umask so that new files created are g+w, or you'll need to use extended acls to set default permissions for new files created in this repository. umask is something you set in the environment, perhaps in a .bashrc or /etc/profile or some such startup file, but it affects files created anywhere. You can't localize a umask to one particular directory. If you need this behavior in a specific directory, you might have to use extended filesystem ACLs, which requires remounting the filesystem with the acl option and using setfacl to change the default acls. In either case you should make all the directories group owned by 'developers' and chmod g+s which will make new directories/files inherit this group ownership

Best Answer

Related Solutions

GIt Daemon and Access Control for Multiple Repos

Ssh – How to prevent ssh git push to set file ownership

Related Topic