Git Post-Receive的权限 [英] Permissions with Git Post-Receive

问题描述

我在本地和我的服务器上设置了git，并创建了一个'post-receive'，这样当我推送到活动服务器时，它应该检出到网站的虚拟主机目录。

 ＃！/ bin / sh 
 GIT_WORK_TREE = / var / www / domainname / public_html / git checkout -f 
  
 
 
例如 remote：error：无法创建文件index.php（Permission denied） 
 
 
 
这些错误实际上对我有意义由于我设置我的服务器的方式。我禁用了root访问权限并创建了一个通过visudo添加到sudoers的新用户 - 然后为此用户设置SSH密钥。我使用这个用户推送我的git到服务器的变化。
 
 
 
问题是，我相信，我连接推送的这个用户没有权限写入虚拟主机目录。我在这些文件夹中的所有文件都由拥有相同组的www-data（我的nginx用户）拥有。
 
 
 
解决方案是什么？使用SSH密钥创建另一个用户来与具有更高权限的git连接，或者是否有办法像接受能力那样授予接收后的sudo？
 
 
 
非常抱歉如果你的回购是使用<$ c $创建的，那么你可以使用<$ c $>来解决这个问题。
  c>  - 共享选项（请参阅将GIT存储库更改为共享< 
 
 
 
有没有什么办法可以将这些不同的组合分开用户在同一组？
 
有点像 Git无法创建文件权限被拒绝 a>相同的组。
 
或者sudo访问，如这个问题的评论中所述，改变sudoers：
  git ALL =（root）NOPASSWD：/ usr / local / sbin / prgetsimpleappscom 
  
 
I have setup git locally and on my server and created a 'post-receive' so that when I do a push to the live server it should then checkout to the virtual hosts directory of the website.
#!/bin/sh
GIT_WORK_TREE=/var/www/domainname/public_html/ git checkout -f
However, when I try to do my push, it goes out the master successfully but I get permission denied errors when trying to create those files on my server web root.

e.g. remote: error: unable to create file index.php (Permission denied)

These errors actually make sense to me due to the way I have setup my server. I disabled root access and created a new user that is added to the sudoers through visudo - I then set up SSH keys for this user. I use this user for pushing out my git changes to the server.

The issue is, I believe, that this user that I connect to push doesn't have the rights to write to the virtual hosts directory. All my files in these folders are owned by www-data (my nginx user) with the same group.

What is the solution? Create another user with SSH keys to connect with just for git that has higher permissions or is there a way to grant the post-receive sudo like abilities?

Apologies for the very long winded question but wanted to be absolutely clear with what I did.
解决方案
If your repo is created with the --shared option (see "Change GIT repository to shared"), that would allow users from the same group to access and write.

Is there any way you can group those different users in the same group?

A bit as what is mentioned in "Git unable to create file permission denied" same group.

Or sudo access, as explained in the comments of this question, changing the sudoers:
 git ALL = (root) NOPASSWD: /usr/local/sbin/prgetsimpleappscom 


                        
这篇关于Git Post-Receive的权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！