3

I have project hosted with gitolite on my own server, and I would like to deploy the whole project from gitolite bare repository to apache accessible place, by post-receive hook.

I have next hook content

echo "starting deploy..."

WWW_ROOT="/var/www_virt.hosting/domain_name/htdocs/"

GIT_WORK_TREE=$WWW_ROOT git checkout -f

exec chmod -R 750 $WWW_ROOT
exec chown -R www-data:www-data $WWW_ROOT
echo "finished"

hook can't be finished without any error message.

chmod: changing permissions of `/var/www_virt.hosting/domain_name/file_name': Operation not permitted

means that git has no enough right to make it.

The git source path is /var/lib/gitolite/project.git/, which is owned by gitolite:gitolite

And with this permissions redmine (been working under www-data user) can't achieve git repository to fetch all changes

The whole project should be placed here: /var/www_virt.hosting/domain_name/htdocs/, which is owned by www-data:www-data.

What changes I should do, to work properly post-receive hook in git, and redmine with repository ?

what I did, is:

# id www-data
uid=33(www-data) gid=33(www-data) groups=33(www-data),119(gitolite)
# id gitolite 
uid=110(gitolite) gid=119(gitolite) groups=119(gitolite),33(www-data)

does not helped.

I want to have no any problem to work apache (to view project), redmine to read source files for project (under git) and git (doing deploy to www-data accessible path)

what should I do ?

Tom O'Connor
  • 27,480
  • 10
  • 73
  • 148
nixer
  • 165
  • 2
  • 3
  • 9
  • Maybe http://stackoverflow.com/questions/9915482/gitolite-and-file-permissions/9915919#9915919 can be a starting point (note: are you using Gitlite v2 or v3?) – VonC Apr 30 '12 at 11:26
  • Gitolite Version: 2.2-1. Ubuntu 12.04 – nixer May 01 '12 at 04:23
  • So try and see if `$REPO_UMASK`has any influence in your case. – VonC May 01 '12 at 10:14

2 Answers2

0

These are typical permissions issues. Solutions are always a little bit dirty since imply to make changes on a running filesystem. Anyway possible options you have:

  1. Permissions for everybody on http server document_root

  2. Run as sudo post-receive actions

  3. Change permissions for http server document_root on demand, ie. when within post-receive. For such option it is common to use:

    find $PUBLIC_WWW -type f -print0 | xargs -0 chmod 666
    find $PUBLIC_WWW -type d -print0 | xargs -0 chmod 777

grosshat
  • 356
  • 3
  • 6
0

May I make a slightly different suggestion? Instead of doing a git checkout to the dir, try a git archive? In your hook do:

git archive --format=tar | (cd $WWW_ROOT; tar xf -)

Note that you can set the umask in the tar.umask git configuration variable.

From your description I'm not entirely clear on who the hook is running as, but this approach might simplify things.

pjz
  • 10,595
  • 1
  • 32
  • 40