Gitosis和www-data [英] Gitosis and www-data
问题描述
我目前正在VPS上构建ubuntu(10.0.4 LTS)服务器,以托管基于WordPress的网站.
I'm currently building a ubuntu (10.0.4 LTS) server on a VPS to host a WordPress based website.
我已经安装了gitosis来托管远程存储库,我想做的是post receive
钩子的插件,以在我git push
时更新WordPress主题.
I've got gitosis installed to host the remote repository and what I would like to do is plugin to the post receive
hook to update the WordPress theme when I git push
.
我对用户和权限有些困惑.当我运行git pull
时,/var/www
中的文件将由git用户拥有.理想情况下,我希望/var/www
中的所有文件都归同一用户所有,因为我认为这样做更安全?
I'm getting a bit confused with users and permissions. As when we I run git pull
the files in /var/www
will be owned by the git user. Ideally I would like all files in the /var/www
to be owned by the same user as I think this would be safer?
我目前拥有www数据用户拥有的/var/www
文件夹,经过一番阅读后,我意识到这不是最好的选择.我需要一些帮助来制定最佳的行动计划吗?
I've currently got the /var/www
folder owned my the www-data user, after some reading I've realised this is not the best thing to do. I need a bit of help working out the best plan of action for this?
推荐答案
来自注释:
对于那种细粒度的控制,我不会使用gitosis:
I wouldn't use gitosis for that kind of fine-grained control:
- gitosis is obsolete and not moving since 2009 (even though some forks are still a bit active)
- This comment and that question illustrate that most features are easier to do with Gitolite.
因此,使用Gitolite:
So, with Gitolite:
由git用户在gitolite环境中签出的用于Git回购的umask
用途将在doc部分"最常用/更改的变量"
The umask
use for the Git repo checked out by the git user within a gitolite environment will be the one described in the doc section "most often used/changed variables"
gitolite使用的默认
UMASK
会使所有存储库及其内容具有rwx------
权限.想要运行gitweb
的人会意识到这不会.
The default
UMASK
that gitolite uses makes all the repos and their contents haverwx------
permissions. People who want to rungitweb
realise that this will not do.
处理此问题的正确方法是为该变量提供一个类似于0027
的值(请注意语法:前导0
是必需的),然后让用户运行网络服务器(apache,www-data
, (无论如何)"git
"组的成员.
The correct way to deal with this is to give this variable a value like 0027
(note the syntax: the leading 0
is required), and then make the user running the webserver (apache, www-data
, whatever) a member of the 'git
' group.
如果已经安装了gitolite,则必须手动修复现有文件(对于umask
或0027
,将为chmod -R g+rX
).
这是因为umask
仅影响新创建文件的权限,而不影响现有文件的权限.
If you've already installed gitolite then existing files will have to be fixed up manually (for a umask
or 0027
, that would be chmod -R g+rX
).
This is because umask
only affects permissions on newly created files, not existing ones.
从那里,您可以按照"在"apache"下安装gitolite .
From there, you can follow "install gitolite under "apache"".
这篇关于Gitosis和www-data的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!