Brandon Casey <casey@xxxxxxxxxxxxxxx> writes:
> Johan Herland wrote:
>> Hi,
>>
>> Some colleagues of mine are working on a "secret" project, and they want to
>> create a central/server/integration repo that should be group-writable, but
>> not at all accessible to anybody outside the group (i.e. files should be
>> 0660 ("-rw-rw----"), dirs should be 0770 ("drwxrws---")).
>>
>> I started setting this up for them in the following manner:
>>
>> mkdir foo.git
>> cd foo.git
>> git init --bare --shared=group
>> cd ..
>> chgrp -R groupname foo.git
>> chmod -R o-rwx foo.git
>>
>> ...and everything looks good, initially...
>>
>> However, when I start pushing into this repo, the newly created files are
>> readable to everybody (files are 0664 ("-rw-rw-r--"), dirs are 0775
>> ("drwxrwsr-x")).
>
> But nobody has access to anything under foo.git since you did
> 'chmod o-rwx foo.git' above.
>
> Unless I'm missing something, I think you already have what you want.
The toplevel is never recreated so it should be Ok in practice.
The core.sharedrepository only loosens the effect of overtight umask
setting that a project member has. But you can notice inconsistency when
you run "ls -l", which may bother you ;-)
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
