Git changes my file permissions upon checkout

Our workflow is develop on a local machine, commit the changes to a central repository, then check out the branch of that repository that we need.

The problem is that Git changes ownership and even file permissions of the files that it checks out, depending on the user making the checkout. A direct result of this is that our CSS files become unreadable after a checkout, as Git changes the file ownership to the person who did the Git pull in the webroot.

Example:

  • Before git pull: style.css owned by user_a:group_a
  • After git pull: style.css owned by user_b:user_b

I want to keep ownership as user_a:group_a. I don't want to have to log in every time one of my team has made a change to the files, and change the ownership back to the original configuration.

How do other people deal with this? How do you deal with repositories used by multiple users. We have suphp on our system and cannot take it off.


Git does not change file permissions or ownership. It's just that it (mostly) doesn't store it either, it doesn't exist in your repo, so they get changed to whatever your user has. Just like with any file creation.

Git supports two permission sets: executable bit on and executable bit off. Nothing else. Ownership information is not stored at all.

See this thread - "If you want specific permissions, you'll need to do it manually."

There are some solutions suggested: you can use a separate tool to do it for you, use a proper combination of user account and umask to set them properly by default or write a git hook yourself to do it. A hook would've to be installed on the user doing the checkout.

Like @ikke said in the comments, Git is not really a deployment tool and should not be used as such. It is a version control system for source code.


For me, the best solution was creation of a shell script that fixes the permissions. For example:

.git/hooks/post-checkout:

#!/bin/sh
chmod +x  tools/*

Btw, checkout is not the only case when git does mess with permissions, it's also when you pull. I handle that with .git/hooks/post-merge hook.

Ideally, you can create a shell script that fixes permissions somewhere in your repo (e.g. tools/fixpermissions.sh), and call it in both hooks. Don't forget to change the permissions for that file manually ;)

#!/bin/sh
chmod a+x tools/fixpermissions.sh
tools/fixpermissions.sh