* repo permissions repair: restore --shared=group permissions
@ 2010-08-11 23:24 Neal Kreitzinger
2010-08-11 23:55 ` Ævar Arnfjörð Bjarmason
0 siblings, 1 reply; 3+ messages in thread
From: Neal Kreitzinger @ 2010-08-11 23:24 UTC (permalink / raw)
To: git
Hi,
chmod -R 755 was inadvertantly run on all of our git repos (bare and
non-bare). These repos were originally created as --shared=group. When I
run git init --shared=group it does not complain, but it also does not
correct the permissions. Please advise on the best way restore the
permissions to --shared=group. Thanks!
v/r,
Neal
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: repo permissions repair: restore --shared=group permissions
2010-08-11 23:24 repo permissions repair: restore --shared=group permissions Neal Kreitzinger
@ 2010-08-11 23:55 ` Ævar Arnfjörð Bjarmason
2010-08-25 3:42 ` Neal Kreitzinger
0 siblings, 1 reply; 3+ messages in thread
From: Ævar Arnfjörð Bjarmason @ 2010-08-11 23:55 UTC (permalink / raw)
To: Neal Kreitzinger; +Cc: git
On Wed, Aug 11, 2010 at 23:24, Neal Kreitzinger <neal@rsss.com> wrote:
> chmod -R 755 was inadvertantly run on all of our git repos (bare and
> non-bare). These repos were originally created as --shared=group. When I
> run git init --shared=group it does not complain, but it also does not
> correct the permissions. Please advise on the best way restore the
> permissions to --shared=group. Thanks!
chmod -R g+rw ?
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: repo permissions repair: restore --shared=group permissions
2010-08-11 23:55 ` Ævar Arnfjörð Bjarmason
@ 2010-08-25 3:42 ` Neal Kreitzinger
0 siblings, 0 replies; 3+ messages in thread
From: Neal Kreitzinger @ 2010-08-25 3:42 UTC (permalink / raw)
To: git
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com> wrote in message
news:AANLkTik7w6rDa=dLp=cvU8JeuCn1ZjM9ateHU8m_UQkO@mail.gmail.com...
On Wed, Aug 11, 2010 at 23:24, Neal Kreitzinger <neal@rsss.com> wrote:
> chmod -R 755 was inadvertantly run on all of our git repos (bare and
> non-bare). These repos were originally created as --shared=group. When I
> run git init --shared=group it does not complain, but it also does not
> correct the permissions. Please advise on the best way restore the
> permissions to --shared=group. Thanks!
chmod -R g+rw ?
I followed your suggestion, but because I wasn't sure that would replicate
what git would have done, I ended up restoring from tape after realizing
that the rsync backups were corrupted due to the git repos being in use
during the rsync.
I then had a similar situation where I needed to lock down a central git
repository so that only the integration manager had write access. Since git
init --shared=0644 would not do it for me, this is the method I used to
ensure that git set the permissions according to its rules:
(Search Keywords: "How to change the permissions of a Git Repo")
Change Permissions on an Existing Git Repo:
Check System for Users who may be using the Repo:
# w (see who's logged in)
# ps -A |grep git-menu-scriptname (where scriptname is some unique string
in the name of the main script your users use to access that repo, if
applicable)
# skill -KILL pts/99 (where 99 = the pts/# from w command, log the user
off)
Change Shared=group to Shared=0644 (change group read+write to group read
only):
Create Template for permissions:
login as fsngit0
$ cd /path/to/template
$ cat config
[core]
sharedRepository = 0644
Clone repo to set permissions via git:
$ cd /path/to/repo-parent-dir
$ git clone --bare --template=/path/to/template REPO.git REPOMOD.git
Compare old and new versions:
$ diff -r REPO.git REPOMOD.git
Only in REPO.git: branches (empty, keep the old version)
diff -r REPO.git/config REPOMOD.git/config (merge the old and new together)
1a2
> sharedrepository = 0644
6,7c7
< denyDeletes = true
< denyNonFastForwards = true
---
> denyNonFastforwards = true
Only in REPO.git: description (keep the old version)
Only in REPO.git: gitk.cache (gitk will recreate this)
Only in REPO.git: hooks (contains sample scripts only or whatever scripts
your using, keep the old version)
Only in REPO.git: info (keep the old version: contains attributes, exclude,
or whatever you've setup)
diff -r REPO.git/packed-refs REPOMOD.git/packed-refs (keep the new version
because fresh clone has been optimized)
2c2
< Xa8b7b8c8fd3920b89770f2e8356f4ecb71a58cX refs/heads/master
---
> Ya69744e46276a37932d5f0755a53f76cdf83e0dY refs/heads/master
Only in REPO.git/refs/heads: master (old version not needed because fresh
clone has been optimized)
Copy over REPO.git files that the clone didn't replicate, but that you need
in order to retain all settings:
$ cd /path/to/REPOMOD.git
$ cp -rv /path/to/REPO.git/info .
repeat as needed...
change permissions to g-w or whatever your core.sharedRepository new value
is supposed to be:
$ chmod -R g-w info
repeat as needed...
Validate your changes:
$ diff -r REPO.git REPOMOD.git
diff -r REPO.git/config REPOMOD.git/config
1a2
> sharedrepository = 0644
7c8
< denyNonFastForwards = true
---
> denyNonFastforwards = true
Only in REPO.git: gitk.cache
diff -r REPO.git/packed-refs REPOMOD.git/packed-refs
2c2
< Xa8b7b8c8fd3920b89770f2e8356f4ecb71a58cX refs/heads/master
---
> Y69744e46276a37932d5f0755a53f76cdf83e0dY refs/heads/master
Only in REPO.git/refs/heads: master
Backup REPO.git and rename REPOMOD.git to REPO.git:
$ cp -rvp REPO.git REPO.git-old
$ diff -r REPO.git REPO.git-old
$ rm -rf REPO.git
$ cp -rvp REPOMOD.git REPO.git
$ diff -r REPO.git REPOMOD.git
$ diff -r REPO.git REPO.git-old
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-08-25 3:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-08-11 23:24 repo permissions repair: restore --shared=group permissions Neal Kreitzinger
2010-08-11 23:55 ` Ævar Arnfjörð Bjarmason
2010-08-25 3:42 ` Neal Kreitzinger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).