Gitosis和www-data [英] Gitosis and www-data

问题描述

我目前正在VPS上构建ubuntu(10.0.4 LTS)服务器，以托管基于WordPress的网站.

I'm currently building a ubuntu (10.0.4 LTS) server on a VPS to host a WordPress based website.

我已经安装了gitosis来托管远程存储库，我想做的是post receive钩子的插件，以在我git push时更新WordPress主题.

I've got gitosis installed to host the remote repository and what I would like to do is plugin to the post receive hook to update the WordPress theme when I git push.

我对用户和权限有些困惑.当我运行git pull时，/var/www中的文件将由git用户拥有.理想情况下，我希望/var/www中的所有文件都归同一用户所有，因为我认为这样做更安全?

I'm getting a bit confused with users and permissions. As when we I run git pull the files in /var/www will be owned by the git user. Ideally I would like all files in the /var/www to be owned by the same user as I think this would be safer?

我目前拥有www数据用户拥有的/var/www文件夹，经过一番阅读后，我意识到这不是最好的选择.我需要一些帮助来制定最佳的行动计划吗?

I've currently got the /var/www folder owned my the www-data user, after some reading I've realised this is not the best thing to do. I need a bit of help working out the best plan of action for this?

推荐答案

来自注释:

对于那种细粒度的控制，我不会使用gitosis:

I wouldn't use gitosis for that kind of fine-grained control:

• gitosis 已过时，自2009年以来一直没有变化(即使有些分叉仍然很活跃)
• 此评论和

• gitosis is obsolete and not moving since 2009 (even though some forks are still a bit active)
• This comment and that question illustrate that most features are easier to do with Gitolite.

因此，使用Gitolite:

So, with Gitolite:

由git用户在gitolite环境中签出的用于Git回购的umask用途将在doc部分"

The umask use for the Git repo checked out by the git user within a gitolite environment will be the one described in the doc section "most often used/changed variables"

gitolite使用的默认UMASK会使所有存储库及其内容具有rwx------权限.想要运行gitweb的人会意识到这不会.

The default UMASK that gitolite uses makes all the repos and their contents have rwx------ permissions. People who want to run gitweb realise that this will not do.

处理此问题的正确方法是为该变量提供一个类似于0027的值(请注意语法:前导0是必需的)，然后让用户运行网络服务器(apache，www-data， (无论如何)"git"组的成员.

The correct way to deal with this is to give this variable a value like 0027 (note the syntax: the leading 0 is required), and then make the user running the webserver (apache, www-data, whatever) a member of the 'git' group.

如果已经安装了gitolite，则必须手动修复现有文件(对于umask或0027，将为chmod -R g+rX).
这是因为umask仅影响新创建文件的权限，而不影响现有文件的权限.

If you've already installed gitolite then existing files will have to be fixed up manually (for a umask or 0027, that would be chmod -R g+rX).
This is because umask only affects permissions on newly created files, not existing ones.

从那里，您可以按照"在"apache"下安装gitolite .

From there, you can follow "install gitolite under "apache"".

这篇关于Gitosis和www-data的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！