How do I set owner and group on git files on checkout from hooks/post-receive?

Question

I'm maintaining several websites using Git after following this guide http://toroid.org/ams/git-website-howto

I make changes to my local repository and commit I then git push to a remote repository on my server In hooks/post-receive I do this:

#! /bin/sh
GIT_WORK_TREE=/home/user/public_html/ git checkout -f

This works very well except I push via ssh as root so all checked out files are owned by root:root. This causes permission problems.

The solution I'm currently using is to add a line to the post-receive file like:

chown -R user:user /home/user/public_html/*

This works fine, apart from the obvious problem of setting ALL files in public_html to user:user which isn't necessarily what is want and is probably a bit inefficient. Also it introduces another chance to type user:user wrong.

So:

1. Is there a way to only set the files that are being checked out rather than all the files in public_html?

2. Is there a way to stop the files being owned by root:root in the first place? I have to ssh in as root as I don't want to give other users ssh access.

Answer 1

I do not think pushing files to git as root system user matters. Because git does not necessarily use system user as git user.

There is something incorrect about your deployment workflow.

Instead of checking out the files directly into public_html, you should probably use another folder, which is not in the DocumentRoot. Exposing your git repo to the world may not be what you want to do.

I suggest you have another folder /home/user/git_cache

cd /home/user/git_cache && git checkout -f
cp -RpP /home/user/git_cache/* /home/user/public_html/*