如何在计算机上与多个用户共享Git存储库? -- permissions 领域 和 git 领域 和 users 领域 和 share 领域 服务器管理 相关 的问题

How do I share a Git repository with multiple users on a machine?


简体版||繁體版
223
vote

问题

中文

我在登台服务器上有一个git存储库,多个开发人员需要能够拉到。 git-init 似乎有一个旗帜非常接近我正在寻找的东西: --shared ,除了我希望多个人一起拉到该存储库。 git-clone 's <代码> ABCDEFGHIJKLMNABCDEFGHIJKLMN3 标志完全不同。

更改现有存储库权限的最简单方法是什么?

英文原文

I have a Git repository on a staging server which multiple developers need to be able to pull to. git-init seems to have a flag very close to what I'm looking for: --shared, except I'd like multiple people to pull to that repository, as well. The git-clone's --shared flag does something entirely different.

What's the easiest way to change an existing repository's permissions?

           
 
 

回答列表

196
 
vote
vote
最佳答案
 

权限是害虫。

基本上,您需要确保所有这些开发人员都可以写入Git Repo中的所有内容。

跳至新波解决方案,了解授予一组开发人员的卓越方法写入能力。

标准解决方案

如果将所有开发人员放在专门创建的组中,则原则上可以执行以下操作:

  chgrp -R <whatever group> gitrepo chmod -R g+swX gitrepo   

然后更改 umask 为用户输入 002 ,以便使用组可写权限创建新文件。

这个问题是军团;如果您在发起的发行版中,假设 abcdefghijklmn5 abcdefghijklmn6 (例如默认包含每个人的公共 users 组),这可以在其他地方开辟安全问题。迟迟或以后,有些东西要搞砸了你仔细制作的权限方案,将repo脱离动作,直到获得 root 访问并修复它(即,重新运行上述命令)。

新浪波解决方案

一个卓越的解决方案 - 虽然更易于理解,但需要更多的操作系统/工具支持 - 是使用POSIX扩展属性。我最近只会到这个地区,所以我的知识在这里并不像它一样热。但基本上,扩展的ACL是能够设置超过3个默认插槽(用户/组/其他)的权限。

所以再一次,创建你的组,然后运行:

  setfacl -R -m g:<whatever group>:rwX gitrepo find gitrepo -type d | xargs setfacl -R -m d:g:<whatever group>:rwX   

这会为该组设置扩展ACL,以便组成员可以读/写/访问已有的任何文件(第一行);然后,还告诉所有现有目录新文件应该具有相同的ACL(第二行)。

希望让你在路上。

 

Permissions are a pest.

Basically, you need to make sure that all of those developers can write to everything in the git repo.

Skip down to The New-Wave Solution for the superior method of granting a group of developers write capability.

The Standard Solution

If you put all the developers in a specially-created group, you can, in principle, just do:

chgrp -R <whatever group> gitrepo chmod -R g+swX gitrepo 

Then change the umask for the users to 002, so that new files get created with group-writable permissions.

The problems with this are legion; if youxe2x80x99re on a distro that assumes a umask of 022 (such as having a common users group that includes everyone by default), this can open up security problems elsewhere. And sooner or later, something is going to screw up your carefully crafted permissions scheme, putting the repo out of action until you get root access and fix it up (i.e., re-running the above commands).

The New-Wave Solution

A superior solutionxe2x80x94though less well understood, and which requires a bit more OS/tool supportxe2x80x94is to use POSIX extended attributes. Ixe2x80x99ve only come to this area fairly recently, so my knowledge here isnxe2x80x99t as hot as it could be. But basically, an extended ACL is the ability to set permissions on more than just the 3 default slots (user/group/other).

So once again, create your group, then run:

setfacl -R -m g:<whatever group>:rwX gitrepo find gitrepo -type d | xargs setfacl -R -m d:g:<whatever group>:rwX 

This sets up the extended ACL for the group so that the group members can read/write/access whatever files are already there (the first line); then, also tell all existing directories that new files should have this same ACL applied (the second line).

Hope that gets you on your way.

 
 
       
       
124
 
vote

如果您使用

创建了存储库(或克隆新的裸仓)
  location / {         try_files $uri $uri/ /index.php?q=$request_uri; } 0  

  location / {         try_files $uri $uri/ /index.php?q=$request_uri; } 1  

git应该处理高于和超出默认umask提供的权限。最后,在我的git版本(1.6.3)上是真的。当然,这假设您的用户位于同一组中。

如果我需要在多个组中的用户管理,具有不同程度的读/写,我会带来褪色。我还听说过gitolite( http://github.com/sitaramc/gitolite ),这是一个舌头叉子提供分支级别权限,不能说我每一个都使用它。

 

if you created the repository (or cloned a new bare repo off an existing one) with

$ git init --shared=group  

or

$ git init --shared=0NNN 

Git is supposed to handle permissions above and beyond what your default umask provides. At last this is true on my version of Git (1.6.3). Of course this assumes your users are in the same group.

If I needed management of users in multiple groups with varying degrees of read/write however, I'd go with gitosis. I have also heard mention of gitolite (http://github.com/sitaramc/gitolite), a gitosis fork that is suppossed to provide branch level permissions, can't say I've every used it personally though.

 
 
         
         
55
 
vote

尚未说过,所以我想快速添加它。

要确保权限问题不会裁剪其丑陋的头,请务必在git共享存储库的配置文件上设置以下内容:

  [core]     sharedRepository = true   

这将确保您的系统的"umask" 设置受到尊重。

 

This has not been said, so I want to quickly add it.

To ensure that permissions issues do not crop their ugly head, make sure to set the following on your git shared repository's config file:

[core]     sharedRepository = true 

This will ensure that your system's "umask" settings are respected.

 
 
       
       
22
 
vote

git用户手册描述了如何共享存储库几种方式。

  • 通过 git守护进程
  • 通过 http < / a>。
  • cvs / svn样式,a 单个共享存储库其中开发人员推/拉。

更复杂,虽然具有共享存储库的功能 - 完整方法是:

  • 花晕
  • github (或github 防火墙安装)

我们使用github为6个开发人员的团队。

 

The Git User Manual describes how to share a repository in several ways.

  • Exporting via the Git Daemon.
  • Exporting via HTTP.
  • CVS/SVN style, a single shared repository where developers push/pull.

More complicated, though feature-full ways to share repositories are:

  • Gitosis
  • GitHub (or GitHub Firewall Install)

We use GitHub for a team of 6 developers.

 
 
         
         
9
 
vote

还查看 gitolite 用于托管您的Git存储库。显然不会开发出来。

 

Also look at gitolite for hosting your git repository. Gitosis apparently isn't being developed anymore.

 
 
4
 
vote

一种修复共享存储库的权限的方法,因此在推动时用户将不会具有权限问题,是创建一个更新后的挂钩脚本,这将执行此操作。这应该在任何Git版本中工作。

假设您在/myrepo.git中有共享存储库。该存储库中的所有文件都属于Say MySharedGroup 。所有推动该存储库的用户都应该属于 MySharedGroup 。现在创建以下文件(将 mysharedgroup 更改为您的首选项):

/myrepo.git/hooks/post-update

  #!/bin/sh chmod -R g+w . 2>/dev/null chgrp -R mysharedgroup . 2>/dev/null   
 

One way to fix permissions in the shared repository, so users won't have permission problems when pushing, is to create a post-update hook script which will do just that. This should work in any git version.

Suppose you have a shared repository in /myrepo.git. All files in that repository belong to say mysharedgroup. All users pushing to that repository should belong to mysharedgroup also. Now create the following file (changing mysharedgroup to your preferences):

/myrepo.git/hooks/post-update

#!/bin/sh chmod -R g+w . 2>/dev/null chgrp -R mysharedgroup . 2>/dev/null 
 
 
       
       
4
 
vote

从各种其他答案中汇总良好建议的良好建议和关于设置新的repo:

的评论

如果您正在设置一个全新的repo myrepo :组 mygroup ,这就是你想要的:

  mkdir /srv/git/myrepo.git chgrp mygroup /srv/git/myrepo.git git init --bare --shared /srv/git/myrepo.git   
  1. 第一行创建了repo dir
  2. 第二行将其组设置为 mygroup
  3. 第三行用以下配置初始化裸仓库:
    1. core.bare = true :使它成为一个裸露的repo
    2. core.sharedrepository = 1 (与 core.sharedrepository = group 相同):repo目录和稍后在它中创建的所有目录都将由git管理,允许 mygroup 阅读,写和执行权限(具有SGID位设置 - 以便与 mygroup 不是他们的主组的用户一起使用 mygroup))
    3. /srv/git0 :拒绝不前进的推动到repo

如果要微调用户,组或其他用户的权限,请使用 /srv/git1 ,其中 /srv/git2 是标准用户,组和其他位对于文件目录上的执行和sgid位将由git适当地管理)。例如,这允许对用户的读写访问,以及对组的只读访问(并且无法访问其他):

  /srv/git3  

这允许对用户和组的读写访问(并且无法访问其他):

  /srv/git4  

这允许对用户和组的读写访问,以及对其他的只读访问:

  /srv/git5  

注意,如果您不允许对该组的写入访问,请务必首先使用 /srv/git6 来设置repo的所有者,然后运行 /srv/git7 命令作为该用户(以确保repo与所有初始文件和子目录的正确所有者初始化)。

 

To aggregate the bits and pieces of good advice from the various other answers and comments about setting up a new repo:

If you're setting up a brand new repo myrepo in /srv/git for the group mygroup, this is what you want:

mkdir /srv/git/myrepo.git chgrp mygroup /srv/git/myrepo.git git init --bare --shared /srv/git/myrepo.git 
  1. the first line creates the repo dir
  2. the second line sets its group to mygroup
  3. the third line initializes a bare repo with the following configuration:
    1. core.bare = true: make it a bare repo
    2. core.sharedrepository = 1 (same as core.sharedrepository = group): the repo directory and all directories later created in it will be managed by git to allow mygroup read, write, and execute permissions (with the sgid bit set as well -- so as to work with users for whom mygroup is not their primary group)
    3. receive.denyNonFastforwards = 1: deny non fast-forward pushes to the repo

If you want to fine-tune the user, group, or other users' permissions, use --shared=0NNN, where NNN are the standard user, group, and other bits for files (the execute and sgid bits on directories will be managed appropriately by git). For example, this allows read and write access to the user, and read-only access to the group (and no access to other):

git init --bare --shared=0640 /srv/git/myrepo.git 

This allows read and write access to the user and group (and no access to other):

git init --bare --shared=0660 /srv/git/myrepo.git 

This allows read and write access to the user and group, and read-only access to other:

git init --bare --shared=0664 /srv/git/myrepo.git 

Note that if you're not going to allow write access to the group, make sure to first use chown to set the owner of the repo, and then run the git init command as that user (to make sure the repo is initialized with the correct owner for all the initial files and sub-directories).

 
 
 
 
2
 
vote

您可以使用git-jodemon共享存储库。阅读 git-daemon 更多信息。

编辑:

还检查文章共享Git存储库的8种方式。

 

You can use git-daemon to share the repository. Read the documentation for git-daemon for more information.

EDIT:

Also check this article 8 ways to share your git repository.

 
 
1
 
vote

为现有存储库做出这一点。这将从几个答案和评论中获取建议:

从存储库父目录,在服务器上:

  /srv/git8  
 

Doing exactly this worked for me, for an existing repository. This takes advice from several answers and comments before:

From your repository parent directory, at the server:

chgrp -R <whatever group> gitrepo chmod -R g+wX gitrepo cd gitrepo find . -type d -exec chmod g+s {} + git config core.sharedRepository group 
 
 
0
 
vote

@stevek_mcc答案是我在为这个问题oogled

oogled的时候正在寻找的回答
  /srv/git9  
 

@stevek_mcc answer is the one I was looking for when I googled for this question

git clone --config core.sharedRepository=true 
 
 

相关问题

2  在网络计算机之间共享键盘和鼠标  ( Sharing a keyboard and mouse between networked computers ) 
其中允许鼠标和键盘在2+网络计算机之间共享的软件? 我知道 synergy ,但替代方案是什么?你最喜欢哪个? 我个人对与Mac OS X和Windows兼容的东西最感兴趣,但仅限于某些平台的软件仍然是感兴趣的,所以请提及它。 ...

10  如果文件夹不再存在,如何删除Windows共享?  ( How to remove a windows share when the folder does not exist anymore ) 
我在"计算机管理" 列表中有一些共享文件夹,该文件夹指向不再存在的文件夹。但Windows不会让我删除它们,"系统找不到指定的路径" ,也许通过控制台的网*命令可以解决它? ...

3  Mac OS X系统可以连接到Samba共享,但Windows XP无法  ( Mac os x system can connect to samba share but windows xp can not ) 
访问运行Samba的服务器时,Mac OS X会打开一个登录窗口,提示输入用户名和密码。使用正确的用户名和密码,我能够登录和读取/写入共享。 使用Windows XP,打开类似的登录窗口,但用户名和密码似乎失败。进入两者后,我单击"确定" 按钮,窗口闪烁并重新出现。当它重新出现用户名字段时,TheSambamachI...

2  IIS7 - 存储在文件集群上的共享配置  ( Iis7 shared configuration stored on a file cluster ) 
我们有两个web服务器,运行IIS7并使用共享配置将其配置数据存储在冗余文件集群上。 这通常工作正常,但是,当重新启动文件集群中的主机时,我们会收到以下错误: Windows进程激活服务遇到了一个尝试的错误 从文件中读取配置数据 ' fileclustername files iissharedcon...

-2  列出使用cpanel,serverside代码或第三方软件的高服务器加载的文件? [关闭]  ( List files causing high server loads using cpanel serverside code or third part ) 
关闭。这个问题是 off-topic 。它目前不接受答案。 想要改进这个问题?更新问题,所以它是主题 for server fault。 关闭 7年...

17  Windows7 - “指定的网络密码不正确。”当密码实际上正确时  ( Windows7 the specified network password is not correct when the password is ) 
现在有一段时间的Samba Server设置。它是一个硬件NAS - 不幸的是没有提供对Samba日志的访问。 (NAS的确切模型称为Addonics NAS适配器) 我还有一个Windows Vista和一个Windows XP机器 - 从两者都可以映射 \ 192.168.0.20 smd 没有错误(净用l:...

6  集中管理校园(广告域)打印机?  ( Centralized administration of campus ad domain printers ) 
我正在寻找集中管理(和跟踪!)打印的最佳方式。我知道Windows Server可以被配置为"打印服务" 服务器,但是我的理解是即将到来只是为了集中队列,并且并没有真正做的会计和报告(谁打印了什么,何时,何时,何地,何时,何时,何时,何地,何时,何地,何时,何地,何时,何地,何时,何地,何时,何时,何时,何地)。 ...

0  在Windows 7下的同一框中使用相同的虚拟机  ( Using the same virtual machine among users on the same box under windows 7 ) 
我目前使用虚拟Windows XP(默认虚拟机管理程序)配置Windows 7框(构建7100)。使用本地管理员帐户创建和配置了模板虚拟Windows XP环境,如何为使用此特定框的所有用户帐户提供此XP构建? 只是为了澄清,XP构建不会在其他Windows 7机器上使用。因此,没有发行分发和重复的SID。 XP B...

223  如何在计算机上与多个用户共享Git存储库?  ( How do i share a git repository with multiple users on a machine ) 
我在登台服务器上有一个git存储库,多个开发人员需要能够拉到。 git-init 似乎有一个旗帜非常接近我正在寻找的东西: --shared ,除了我希望多个人一起拉到该存储库。 git-clone 's <代码> ABCDEFGHIJKLMNABCDEFGHIJKLMN3 标志完全不同。 更改现有存储库...

2  Samba私人和公共股票的Windows  ( Samba private and public shares for windows ) 
我面临着Samba共享安装Windows使用的问题。我有两个股份 - 1]公共份额,可用于网络中的每个人,2]管理分享,它应该是只有两个用户保护的密码。 公共份额在没有任何问题的情况下正常工作。创建私有版本,从覆盆子设备下的Windows可见,但我无法使用Samba用户访问它。我花了很多时间搜索,但可以找到我做错了...




© 2022 it.wenda123.org All Rights Reserved. 问答之家 版权所有