Posted by JCL324 on December 10, 2012 at 1:41am
Hey git folk, can anyone recommend some links or other resources on how to set up permissions for multiple users on an Ubuntu server for git? I can't seem to find anything that is step-by-step or works. I know it involves setting the sticky bit but there's more to it than that.
Comments
Git itself
Git for teams all comes down to the teams workflow presently. Every team is different. For me and my team, I felt it best to make sure we all understood what git was and how git works prior to road mapping workflow.
to that effect the link below is a awesome walk-thru on GIT.
http://www.sbf5.com/~cduan/technical/git/
Hope it helps! I cant take credit for that find, Mike Anello from http://drupaleasy.com mentioned in one of his blog posts.
Hope it helps.
Thanks Jason, but that's not
Thanks Jason, but that's not what I needed. I have the flow all set up, the devs on the team all know about git. The problem is at the server level, when each dev logs in with their own linux user account on the dev and prod servers, they don't have permission to the git repo to be able to do pulls or pushes. Only my account can do it since I'm the one that set it up. What I need is a step-by-step on what permissions to set on the repo files, what groups might be necessary for the devs. Or any other best practice to allow them to do git on these servers.
JCL
John, I added each user to a
John,
I added each user to a unix group called "developer" and the webserver user to the same group. This is their one and only group. Normally, unix makes a group for each user. That's just the default.
Someone might be able to give me a better way to do this, but that's what I did.
user www-data is a member of "developer" when it makes a file, it is owned by www-data:developer
user rprice is a member of developer - when I make a file, it is owned by rprice:developer
user jcl324 is a member of developer - when you make a file, it is owned by jcl324:developer
then I CHGRP -R . everything to be in developer, and make sure that I CHMOD -R g+w . as well. Now everyone can edit everything.
Ryan Price
DrupalEasy Podcast
Thank you thank you Ryan, it
Thank you thank you Ryan, it was too easy! Maybe that's why I couldn't find a post :).
So I don't have to worry about setting a sticky bit for the .git dir? I thought I read that somewhere.
JCL
setting it on the git
setting it on the git directory would help.
Ryan Price
DrupalEasy Podcast
I've had issues with running
I've had issues with running certain git commands due to permissions on the git directory so I would. I want to say resets or.... I'm not sure.
Personally I try to keep dev servers running with hooks. As for prod it depends but it's usually just one user
@bhosmer you mentioned gitolite have you seen GitLab ?
This isn't exactly what you
This isn't exactly what you are asking for John, but you might check out gitolite.
I've used it for about three different teams and it simplifies authentication and user management with git.
Our process from soup to nuts
This maybe over kill but I figured I would post it. We do flip the filemode switch in GIT because Aegir is always monkeying with the file permissions. This setup still has a few quarks but we have been able to get it working pretty regular when needing a server based dev instance with GIT and Aegir. Note: this is still a single user setup, multiple developers would each have their own instance on the server.
Apply the following Patches
http://drupal.org/files/issues/drush-1263124.patch
http://drupalcode.org/project/provision.git/patch/16e357bb0f6e29ade80db5...
Create Developer User Account
1.
1. adduser <username>
2. chsh -s /bin/bash <username>
3. addgroup <username> aegir
4. addgroup<username> www-data
5. Login as new user
6. Generate SSH key if they don't have one
1. ssh-keygen -t rsa -C "your_email@youremail.com"
2. GitHub References
1. Genrating Keys https://help.github.com/articles/generating-ssh-keys
2. Troubleshooting public keys: https://help.github.com/articles/error-permission-denied-publickey
7. git config
1. git config --global user.name "Your Name Here"
2. git config --global user.email "your_email@youremail.com"
3. git config --global core.filemode false
8. Send Developer server access info:
* Host Name: host.example.com
* Protocol: SFTP/SCP - Port 22
* Access: Read/Write
* UserName: [user-name]
* Pwd: xxxxxxxxx
* Home Directory: /home/[user-name]
* Drupal Root Directory (Aegir Platform): /var/aegir/platforms/[platform_root]
* Site Directory: /var/aegir/platforms/[platform_root]/sites/xxxx-initials.example.com
* GIT Repo: /var/aegir/platforms/[platform_root]/sites/xxxx-initials.example.com/.git
9. Remove a user
1. userdel -r [username]
Create GitHub Repo
1. Create empty REPO on Github
2. Add Big Couch Developers team to Access list
3. Login into server as Aegir
4. cd /var/aegir/platforms/[platform_root]/sites/xxxx-stg.example.com
5. Add .gitignore file
6. git init
7. git add -A
8. git commit -m "Initial commit"
9. git remote add origin git@github.com:example/xxxx.git
10. git push origin master
Create Developer DEV instance
1. Clone Site with Developer Initials from Aegir frontend
1. xxxx-initials.example.com
2. Login to command line with Aegir user
3. Set site file permissions to allow git init for developer
1. cd /var/aegir/platforms/[platform_root]/sites
2. chmod -R 775 xxxx-initials.example.com
3. cd xxxx-initials.example.com
4. rm -R .git
4. Login to command line with developer user
5. Have developer add their public key to the user home directory for pushing to GitHub
Setup developer Git Repo
1. cd /var/aegir/platforms/[platform_root]/sites/xxxx-initials.example.com
2. git init
3. Add .gitignore file or exclude file
4. git remote add origin git@github.com:example/xxxx.git
5. git pull origin master
Our Exclude File
# git-ls-files --others --exclude-from=.git/info/exclude
# Lines that start with '#' are comments.
# For a project mostly in C, the following would be a good set of
# exclude patterns (uncomment them if you want to use them):
# .[oa]
# *~
files/
private/*
drushrc.php
settings.php
local.settings.php