Retaining file permissions with Git

Question

I want to version control my web server as described in  Version control for my web server  by creating a git repo out of my  var www directory   My hope was that I would then be able to push web content from our dev server to github  pull it to our production server  and spend the rest of the day at the pool     Apparently a kink in my plan is that Git won t respect file permissions  I haven t tried it  only reading about it now    I guess this makes sense in that different boxes are liable to have different user group setups   But if I wanted to force permissions to propagate  knowing my servers are configured the same  do I have any options  Or is there an easier way to approach what I m trying to do

User · Accepted Answer

The git-cache-meta mentioned in SO question  git - how to recover the file permissions git thinks the file should be    and the git FAQ  is the more staightforward approach   The idea is to store in a  git cache meta file the permissions of the files and directories  It is a separate file not versioned directly in the Git repo   That is why the usage for it is     git bundle create mybundle bdl master  git-cache-meta --store   scp mybundle bdl  git cache meta machine2    then on machine2    git init  git pull mybundle bdl master  git-cache-meta --apply   So you    bundle your repo and save the associated file permissions  copy those two files on the remote server restore the repo there  and apply the permission

User · Answer

One addition to  Omid Ariyan s answer is permissions on directories  Add this after the for loop s done in his pre-commit script   for DIR in   find    -mindepth 1 -type d -not -path     git  -not -path     git      sed  s          do       Save the permissions of all the files in the index     echo  DIR    stat -c   a  U  G   DIR   gt  gt   DATABASE done   This will save directory permissions as well

User · Answer

In case you are coming into this right now  I ve just been through it today and can summarize where this stands  If you did not try this yet  some details here might help   I think  Omid Ariyan s approach is the best way  Add the pre-commit and post-checkout scripts  DON T forget to name them exactly the way Omid does and DON T forget to make them executable  If you forget either of those  they have no effect and you run  git commit  over and over wondering why nothing happens    Also  if you cut and paste out of the web browser  be careful that the quotation marks and ticks are not altered    If you run the pre-commit script once  by running a git commit   then the file  permissions will be created   You can add it to the repository and I think it is unnecessary to add it over and over at the end of the pre-commit script  But it does not hurt  I think  hope    There are a few little issues about the directory name and the existence of spaces in the file names in Omid s scripts   The spaces were a problem here and I had some trouble with the IFS fix  For the record  this pre-commit script did work correctly for me      bin bash    SELF DIR  git rev-parse --show-toplevel  DATABASE  SELF DIR  permissions    Clear the permissions database file  gt   DATABASE  echo -n  Backing-up file permissions      IFSold  IFS IFS    n  for FILE  in  git ls-files  do      Save the permissions of all the files in the index    echo  FILE    stat -c   a  U  G   FILE   gt  gt   DATABASE done IFS   IFSold    Add the permissions database file to the index git add  DATABASE  echo  OK    Now  what do we get out of this     The  permissions file is in the top level of the git repo  It has one line per file  here is the top of my example     cat  permissions  gitignore 660 pauljohn pauljohn 05 WhatToReport 05 WhatToReport doc 664 pauljohn pauljohn 05 WhatToReport 05 WhatToReport pdf 664 pauljohn pauljohn   As you can see  we have  filepath perms owner group   In the comments about this approach  one of the posters complains that it only works with same username  and that is technically true  but it is very easy to fix it  Note the post-checkout script has 2 action pieces      Set the file permissions chmod  PERMISSIONS  FILE   Set the file owner and groups chown  USER  GROUP  FILE   So I am only keeping the first one  that s all I need   My user name on the Web server is indeed different  but more importantly you can t run chown unless you are root   Can run  chgrp   however  It is plain enough how to put that to use   In the first answer in this post  the one that is most widely accepted  the suggestion is so use git-cache-meta  a script that is doing the same work that the pre post hook scripts here are doing  parsing output from git ls-files   These scripts are easier for me to understand  the git-cache-meta code is rather more elaborate  It is possible to keep git-cache-meta in the path and write pre-commit and post-checkout scripts that would use it   Spaces in file names are a problem with both of Omid s scripts  In the post-checkout script  you ll know you have the spaces in file names if you see errors like this    git checkout -- upload sh Restoring file permissions   chmod  cannot access   04 StartingValuesInLISREL Open   No such file or directory chmod  cannot access  Notebook onetoc2   No such file or directory chown  cannot access  04 StartingValuesInLISREL Open   No such file or directory chown  cannot access  Notebook onetoc2   No such file or directory   I m checking on solutions for that  Here s something that seems to work  but I ve only tested in one case     bin bash  SELF DIR  git rev-parse --show-toplevel  DATABASE  SELF DIR  permissions  echo -n  Restoring file permissions     IFSold   IFS  IFS   while read -r LINE       -n   LINE      do    FILE  echo  LINE   cut -d     -f 1     PERMISSIONS  echo  LINE   cut -d     -f 2     USER  echo  LINE   cut -d     -f 3     GROUP  echo  LINE   cut -d     -f 4        Set the file permissions    chmod  PERMISSIONS  FILE      Set the file owner and groups    chown  USER  GROUP  FILE done  lt   DATABASE IFS   IFSold  echo  OK   exit 0   Since the permissions information is one line at a time  I set IFS to    so only line breaks are seen as new things   I read that it is VERY IMPORTANT to set the IFS environment variable back the way it was   You can see why a shell session might go badly if you leave   as the only separator

User · Answer

This is quite late but might help some others  I do what you want to do by adding two git hooks to my repository    git hooks pre-commit      bin bash     A hook script called by  git commit  with no arguments  The hook should   exit with non-zero status after issuing an appropriate message if it wants   to stop the commit   SELF DIR  git rev-parse --show-toplevel  DATABASE  SELF DIR  permissions    Clear the permissions database file  gt   DATABASE  echo -n  Backing-up permissions      IFS OLD  IFS  IFS    n  for FILE in  git ls-files --full-name  do      Save the permissions of all the files in the index    echo  FILE    stat -c   a  U  G   FILE   gt  gt   DATABASE done  for DIRECTORY in  git ls-files --full-name   xargs -n 1 dirname   uniq  do      Save the permissions of all the directories in the index    echo  DIRECTORY    stat -c   a  U  G   DIRECTORY   gt  gt   DATABASE done IFS  IFS OLD    Add the permissions database file to the index git add  DATABASE -f  echo  OK     git hooks post-checkout      bin bash  SELF DIR  git rev-parse --show-toplevel  DATABASE  SELF DIR  permissions  echo -n  Restoring permissions      IFS OLD  IFS  IFS    n  while read -r LINE       -n   LINE      do    ITEM  echo  LINE   cut -d     -f 1     PERMISSIONS  echo  LINE   cut -d     -f 2     USER  echo  LINE   cut -d     -f 3     GROUP  echo  LINE   cut -d     -f 4        Set the file directory permissions    chmod  PERMISSIONS  ITEM       Set the file directory owner and groups    chown  USER  GROUP  ITEM  done  lt   DATABASE IFS  IFS OLD  echo  OK   exit 0   The first hook is called when you  commit  and will read the ownership and permissions for all the files in the repository and store them in a file in the root of the repository called  permissions and then add the  permissions file to the commit   The second hook is called when you  checkout  and will go through the list of files in the  permissions file and restore the ownership and permissions of those files    You might need to do the commit and checkout using sudo  Make sure the pre-commit and post-checkout scripts have execution permission

User · Answer

I am running on FreeBSD 11 1  the freebsd jail virtualization concept makes the operating system optimal   The current version of Git I am using is 2 15 1  I also prefer to run everything on shell scripts   With that in mind I modified the suggestions above as followed   git push   git hooks pre-commit      bin sh -     A hook script called by  git commit  with no arguments  The hook should   exit with non-zero status after issuing an appropriate message if it wants   to stop the commit   SELF DIR   git rev-parse --show-toplevel   DATABASE  SELF DIR  permissions     Clear the permissions database file  gt   DATABASE   printf  Backing-up file permissions    n    OLDIFS  IFS  IFS    n   for FILE in   git ls-files   do      Save the permissions of all the files in the index     printf   s  s n   FILE   stat -f   Lp  u  g   FILE   gt  gt   DATABASE  done IFS  OLDIFS     Add the permissions database file to the index git add  DATABASE   printf  OK n     git pull   git hooks post-merge      bin sh -  SELF DIR   git rev-parse --show-toplevel   DATABASE  SELF DIR  permissions   printf  Restoring file permissions    n    OLDIFS  IFS  IFS    n   while read -r LINE      -n   LINE     do    FILE   printf   s   LINE   cut -d     -f 1      PERMISSIONS   printf   s   LINE   cut -d     -f 2      USER   printf   s   LINE   cut -d     -f 3      GROUP   printf   s   LINE   cut -d     -f 4         Set the file permissions    chmod  PERMISSIONS  FILE        Set the file owner and groups    chown  USER  GROUP  FILE   done  lt   DATABASE IFS  OLDIFS  pritnf  OK n    exit 0    If for some reason you need to recreate the script the  permissions file output should have the following format    gitignore 644 0 0   For a  gitignore file with 644 permissions given to root wheel  Notice I had to make a few changes to the stat options   Enjoy

User · Answer

We can improve on the other answers by changing the format of the  permissions file to be executable chmod statements  and to make use of the -printf parameter to find   Here is the simpler  git hooks pre-commit file      usr bin env bash  echo -n  Backing-up file permissions       cd    git rev-parse --show-toplevel    find   -printf  chmod  m   p  n   gt   permissions  git add  permissions  echo done       and here is the simplified  git hooks post-checkout file      usr bin env bash  echo -n  Restoring file permissions       cd    git rev-parse --show-toplevel       permissions  echo  done     Remember that other tools might have already configured these scripts  so you may need to merge them together   For example  here s a post-checkout script that also includes the git-lfs commands      usr bin env bash  echo -n  Restoring file permissions       cd    git rev-parse --show-toplevel       permissions  echo  done    command -v git-lfs  gt  dev null 2 gt  amp 1      echo  gt  amp 2   nThis repository is configured for Git LFS but  git-lfs  was not found on you r path  If you no longer wish to use Git LFS  remove this hook by deleting  git hooks post-checkout  n   exit 2    git lfs post-checkout

User · Answer

Git is Version Control System  created for software development  so from the whole set of modes and permissions it stores only executable bit  for ordinary files  and symlink bit   If you want to store full permissions  you need third party tool  like git-cache-meta  mentioned by VonC   or Metastore  used by etckeeper    Or you can use IsiSetup  which IIRC uses git as backend  See Interfaces  frontends  and tools page on Git Wiki

User · Answer

In pre-commit post-checkout an option would be to use  mtree   FreeBSD   or  fmtree   Ubuntu  utility which  compares a file hierarchy against a specification  creates a specification for a file hierarchy  or modifies a specification    The default set are flags  gid  link  mode  nlink  size  time  type  and uid  This can be fitted to the specific purpose with -k switch

[linux] Retaining file permissions with Git

Examples related to linux

Examples related to git

Examples related to file-permissions