Search code examples
gitfile-permissionstrac

git object folder permission

I am trying to hook the trac with git, and most are fine, except for SOME repositories, I could not get the revision information out of git.

After I have done the following, the revision is correctly collected by Trac

chmod -R 777 <git-repo>/objects/

(I know 777 is very dangerous, it's just for diagnose purpose)

however, for those new commits, the committed items are still of 0700 permission. 

drwxrwxrwx 2 git git 4.0K 2013-02-26 10:49 80
drwxrwxrwx 2 git git 4.0K 2013-02-26 10:49 0a
drwxrwxrwx 2 git git 4.0K 2013-02-26 11:01 04
drwxrwxrwx 2 git git 4.0K 2013-02-26 11:01 a6
drwxrwxrwx 2 git git 4.0K 2013-02-26 11:01 61
drwxrwxrwx 2 git git 4.0K 2013-02-26 11:01 2f
drwx------ 2 git git 4.0K 2013-02-26 12:13 da
drwx------ 2 git git 4.0K 2013-02-26 12:13 a3
drwx------ 2 git git 4.0K 2013-02-26 12:13 8c
drwx------ 2 git git 4.0K 2013-02-26 12:13 26

But the strangest part is, for some other git repositories inside the same machine, those new object folders are MOSTLY of 755 permission (which is still fine for Trac).

drwxr-xr-x 2 git git 4.0K 2011-07-12 17:22 14
drwxr-xr-x 2 git git 4.0K 2011-07-12 17:22 f5
drwxr-xr-x 2 git git 4.0K 2011-07-12 17:22 9e
drwxr-xr-x 2 git git 4.0K 2013-02-26 14:12 aa
drwx------ 2 git git 4.0K 2013-02-26 14:12 76
drwxr-xr-x 2 git git 4.0K 2013-02-26 14:12 44
drwxr-xr-x 2 git git 4.0K 2013-02-26 14:12 c5
drwxr-xr-x 2 git git 4.0K 2013-02-26 14:12 9c
drwx------ 2 git git 4.0K 2013-02-26 14:12 6a

May I know what possibly causes this? Thanks a lot

Solution

  • You need to check if the user executing track daemon is in the same group than the git user.

    Consider this installation process:

    useradd -m -K UMASK=027 git
useradd -m -K UMASK=077 -G git trac

    Any file created by git with umask 027 would still be readable by trac.

    If you are using gitolite, as mentioned here, you would need to set umask in .gitolite.rc to 0027 to allow group have read permission.
    See Rc.pm, by default it is 077 instead of 027:

    # HELP for all the other external programs (the syntactic sugar helpers and
# the various programs/functions in the 8 trigger lists), can be found in
# doc/non-core.mkd (http://sitaramc.github.com/gitolite/non-core.html) or in
# the corresponding source file itself.

%RC = (
    # if you're using mirroring, you need a hostname. This is *one* simple
    # word, not a full domain name. See documentation if in doubt
    # HOSTNAME => 'darkstar',
    UMASK => 0077,