• Uncategorized

About git : Prevent-Git-from-changing-permissions-on-pull

Question Detail

When I pull change from my repositories, Git change the file permissions (actually, he change the group write permission).

If I’m correct, Git should only track executable bit and this anyway can be removed using setting core.filemode to false.

But, although the filemode is set to false (in local, global and user), when I pull, write permission constantly change.

I could use a git-hooks in order to reset correct chmod, but this is some overhead and I’d prefer if there’s a way to just ask git to completly ignore file mode change.

Anyone know how to achieve this ?

Question Answer

One config setting that might help here is core.sharedRepository, presented in the blog post “Preserving Group Write on Git Objects in a Collaborative Repository”:

The solution turned out to be fairly straightforward.
In the file .git/config, I added a line that read: “sharedRepository = group“, like so:

    repositoryformatversion = 0
    filemode = true
    bare = false
    logallrefupdates = true
    sharedRepository = group

Thereafter, new files in .git/objects were created with the proper permissions for group write.
(However, note that new files are group-owned by the primary group of the user account via which the push was received. If the users collaborating on the project have different primary groups, and if those users do not share membership in that set of groups, you may still run into problems.)

Make sure of the value of your umask:

Example: 0660 will make the repo read/write-able for the owner and group, but inaccessible to others (equivalent to group unless umask is e.g. 0022).

2022 (10 years later), SyedAsadRazaDevops adds in the comments:

In Ubuntu (Linux), just go to the project repo and run this command nano .git/config and add sharedRepository = group in [core] section.

That would be the same as:

cd /path/to/repo
git config core.sharedRepository group

The solution I use is to run the command as the user that has the permissions you want to keep:

sudo -u user command

In this case, it could be:

sudo -u www-data git pull

www-data being the apache default user on Ubuntu at least.

This keeps the permissions from changing. I use it when updating git repositories on my VPS, while keeping the file permissions set to the webserver user.

You may also like...

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.