How to configure an existing git repo to be shared by a UNIX group
I have an existing git repo (a bare one) which has up to this point only been writable by me. I want to open it up to some UNIX user group, foo, so that all members of foo can push to it. I'm aware that I can easily set up a new git repo with:
git init --bare --shared=group repodir
chgrp -R foo repodir
But I need the equivalent operation for an existing repo dir.
Solution 1:
Try this to make an existing repository in repodir
work for users in group foo
:
chgrp -R foo repodir # set the group
chmod -R g+rw repodir # allow the group to read/write
chmod g+s `find repodir -type d` # new files get group id of directory
git init --bare --shared=all repodir # sets some important variables in repodir/config ("core.sharedRepository=2" and "receive.denyNonFastforwards=true")
Solution 2:
Merging @David Underhill and @kixorz answers, I made my own (definitive) solution.
It is for bare repos and non-bare repos. There are only little differences between them, but in this way is clearer.
BARE REPOSITORY
cd <repo.git>/ # Enter inside the git repo
git config core.sharedRepository group # Update the git's config
chgrp -R <group-name> . # Change files and directories' group
chmod -R g+w . # Change permissions
chmod g-w objects/pack/* # Git pack files should be immutable
find -type d -exec chmod g+s {} + # New files get directory's group id
where:
-
<repo.git>
is the bare repository directory, typically on the server (e.g.my_project.git/
). -
<group-name>
is the group name for git users (e.g. users).
NON-BARE REPOSITORY
cd <project_dir>/ # Enter inside the project directory
git config core.sharedRepository group # Update the git's config
chgrp -R <group-name> . # Change files and directories' group
chmod -R g+w . # Change permissions
chmod g-w .git/objects/pack/* # Git pack files should be immutable
find -type d -exec chmod g+s {} + # New files get directory's group id
where:
-
<project_dir>
is the project directory containing the.git
folder. -
<group-name>
is the group name for git users (e.g. users).
Solution 3:
In the repo dir execute following commands:
git config core.sharedRepository group
chgrp -R foo repodir
chmod -R g+w repodir
Edit: To address frequent confusion, group
is an actual keyword, you're not supposed to replace this with the name of the group.
Solution 4:
This is probably not necessary, but it's worth pointing out that git init --bare --shared
also sets the denyNonFastForwards option.
git config receive.denyNonFastForwards true
The meaning of this option is as follows:
receive.denyNonFastForwards
If you rebase commits that you’ve already pushed and then try to push again, or otherwise try to push a commit to a remote branch that doesn’t contain the commit that the remote branch currently points to, you’ll be denied. This is generally good policy; but in the case of the rebase, you may determine that you know what you’re doing and can force-update the remote branch with a -f flag to your push command.
(from http://git-scm.com/book/en/v2/Customizing-Git-Git-Configuration)