Signed-off-by: Francesco Pretto <ceztkoml@xxxxxxxxx> --- More detailed instructions on how to set up shared repositories. Removed an old reference to the need of setting umask of ssh users of shared repositories. Added a reference to "git for CVS users" doc in git-init manual. Documentation/cvs-migration.txt | 61 +++++++++++++++++++++++++++++++++++---- Documentation/git-init.txt | 7 ++++ 2 files changed, 62 insertions(+), 6 deletions(-) diff --git a/Documentation/cvs-migration.txt b/Documentation/cvs-migration.txt index 3b6b494..849b403 100644 --- a/Documentation/cvs-migration.txt +++ b/Documentation/cvs-migration.txt @@ -71,7 +71,40 @@ Setting Up a Shared Repository We assume you have already created a git repository for your project, possibly created from scratch or from a tarball (see the link:tutorial.html[tutorial]), or imported from an already existing CVS -repository (see the next section). +repository (see the next section). Moreover, we assume you can write in a +public accessible directory and give other users the permission to do so. +You could need or not admin privileges to do so, depending on your +system configuration and how you decide to export the repository. + +It's recommended, but not strictly necessary, to create a specific group for +every project/repository you'll want to create, so it will be easier to give +or prevent access of users to specific repositories. With admin privilege launch: + +------------------------------------------------ +$ groupadd $group +------------------------------------------------ + +If you want to add an user to this group, launch: + +------------------------------------------------ +$ usermod -a -G $group $username +------------------------------------------------ + +In our example, we will store the shared repository in the /pub dir, so the +user creating it will need write permission there. There's no problems if you +choose another directory, but you'll have to ensure it will be accessible by +other users, on local or by remote (this could be not the case of home +directories). + +If you just want to create a directory that is writable by every users that have +a local account, launch with privileged credentials: + +------------------------------------------------ +$ mkdir /pub +$ chmod a+w,+t /pub +------------------------------------------------ + +Now you can proceed with an unprivileged user. Assume your existing repo is at /home/alice/myproject. Create a new "bare" repository (a repository without a working tree) and fetch your project into @@ -84,21 +117,37 @@ $ git --bare init --shared $ git --bare fetch /home/alice/myproject master:master ------------------------------------------------ +If you previously decided to create a specific group for the committers of the +repository, assign its ownership to that group (you'll have to be a member of it +or switch to privileged credentials): + +------------------------------------------------ +$ chgrp -R $group /pub/my-repo.git +------------------------------------------------ + Next, give every team member read/write access to this repository. One easy way to do this is to give all the team members ssh access to the machine where the repository is hosted. If you don't want to give them a full shell on the machine, there is a restricted shell which only allows users to do git pushes and pulls; see gitlink:git-shell[1]. -Put all the committers in the same group, and make the repository -writable by that group: +The following two commands will require admin privileges; first, enable +git-shell putting it on the trusted shells list of the system: ------------------------------------------------ -$ chgrp -R $group /pub/my-repo.git +$ echo `which git-shell` >> /etc/shells +------------------------------------------------ + +Now, let's create the commit users: + +------------------------------------------------ +$ useradd -g $group -s `which git-shell` $username ------------------------------------------------ -Make sure committers have a umask of at most 027, so that the directories -they create are writable and searchable by other group members. +These users will be enabled to push on repositories owned by the group $group. +Later, you can give access to other projects simply by adding them to +other groups. Similarly, you can prevent access to repositories simply +removing those users from related groups. Importing a CVS archive ----------------------- diff --git a/Documentation/git-init.txt b/Documentation/git-init.txt index 07484a4..f5f363d 100644 --- a/Documentation/git-init.txt +++ b/Documentation/git-init.txt @@ -101,6 +101,13 @@ $ git-add . <2> <2> add all existing file to the index +SHARED REPOSITORIES +------------------- + +Please refer to link:cvs-migration.html[git for CVS users], section "Setting Up +a Shared Repository", for details on how to set up shared repositories. + + Author ------ Written by Linus Torvalds <torvalds@xxxxxxxx> - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html