Originally the group was apache (changed it following some instruction
found on web).
> drwxrwsr-x   7 root apache 4096 Feb 21 14:22 simple.git

Then after I change it to something like this, it allow me to push.
> drwxrwsr-x   7 root ccusers 4096 Feb 21 14:22 simple.git

For example, I have the following setting for this project web-app:

[root@cmtoldshrdjk01 git]# stat /opt/git/web-app.git
  File: `/opt/git/web-app.git'
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: fd02h/64770d    Inode: 131242      Links: 7
Access: (2775/drwxrwsr-x)  Uid: (    0/    root)   Gid: ( 3017/ ccusers)
Access: 2014-02-27 17:02:39.830304322 -0500
Modify: 2014-01-23 14:34:28.279128784 -0500
Change: 2014-02-27 17:01:49.524796933 -0500
[root@cmtoldshrdjk01 git]# ls -ld /opt/git/web-app.git
drwxrwsr-x 7 root ccusers 4096 Jan 23 14:34 /opt/git/web-app.git
[root@cmtoldshrdjk01 git]#

C:\Workspace\GIT\web-app>git push origin master
PAM Authentication
Enter your OFFICE domain password:
Counting objects: 17, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (8/8), done.
Writing objects: 100% (11/11), 2.39 KiB | 0 bytes/s, done.
Total 11 (delta 1), reused 0 (delta 0)
To jhu06@cmtoldshrdjk01:/opt/git/web-app.git
   8bbe187..142f45d  master -> master

On Fri, Feb 28, 2014 at 8:21 AM, Konstantin Khomoutov <
flatw...@users.sourceforge.net> wrote:

> On Thu, 27 Feb 2014 13:41:21 -0800 (PST)
> Jirong Hu <jirong...@gmail.com> wrote:
> > I setup smart http following this URL:
> > http://www.parallelsymmetry.com/howto/git.jsp
> >
> > When I try to push from a Window client to the GIT Linux server, I
> > got this error:  error: insufficient permission for adding an object
> > to repository database ./objectse
> >
> > The question is how shall I setup the permission for the repository
> > at: /opt/git/simple.git. My users are in domain group "ccusers", and
> > the web server is running under a local user "apache:apache" by
> > default. I want to be able to access the repository by both ssh (for
> > developers) and http (for build).
> What are current permissions on /opt/git/simple.git ?
> I mean, what `stat /opt/git/simple.git` or `ls -ld /opt/git/simple.git`
> output?
> I'm afraid you might have hard time implementing this "as is" because
> both the user "apache" and group "apache" are assumed by Apache after
> it starts up (it starts up as root) and so I think merely adding the
> user "apache" to the "ccusers" group won't fix this for you.
> What you can do:
> * Use something like suexec or mod-itk to make Git CGI app run with
>   permissions different from those of the web server itself.
> * Use POSIX ACLs on your Git repos for more fine-grained control
>   over who can access it.  This way, you could have two ore more
>   "owner groups" defined for a directory.
> * Have another Apache (or some other webserver) run with a different
>   configuration file which makes it use another user and group and
>   listen on a different port.
>   As a corollary to this, you might have some specialized web server
>   which is only configured to run Git, with appropriate credentials,
>   and reverse-proxy requests coming to Git repos to that instance.

You received this message because you are subscribed to the Google Groups "Git 
for human beings" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to git-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to