diff --git a/doc/overkill.mkd b/doc/overkill.mkd new file mode 100644 index 0000000..bb85e89 --- /dev/null +++ b/doc/overkill.mkd @@ -0,0 +1,51 @@ +# when gitolite is overkill + +Note: I wrote this to help people for whom gitolite is genuinely overkill. I +believe it will all work, but YMMV. + +---- + +You don't always need something like gitolite. If you have a fixed (or very +rarely changing) number of users, and all of them have full access to all your +repos, you can use plain Unix permissions to get a lot of this done: + + * dedicate a userid (say "git") to host all your repos. This user will also + have a group (normally called "git" on most distros I think) + + * create a directory that is accessible (at least "r" and "x" permissions) + to the group "git", all the way upto the root. (That is, if the directory + you chose is /home/git/repos, then /, /home, /home/git, and + /home/git/repos must all be "g+rx"). + + * create all repos in this directory, as the "git" user, using the following + command: + + git init --bare --shared reponame.git + + * For each user who needs access to the repos, add them as members to the + "git" group also. On Mandriva this is: + + usermod -G git username + + Don't forget that `-G` *replaces* the list of supplementary groups for the + user, so be sure to first check if he is already member of some groups and + keep those in the command (comma-separated). + +And that's basically it. The "init --shared" will create the repos with +"chmod -R g+s". If you have existing repos where you forgot (or didn't know) +the "--shared" argument, do this on each of them: + + cd reponame.git + git init --shared --bare + chmod -R g+w . + chmod g+s `find . -type d` + +I think that should do it. + +---- + +You can do more complex things using Unix acls. If you do, and feel like +writing it up, send it to me and I will add it here (with credit given of +course). Personally, I can't be bothered -- once you have differing needs for +different people, you really need gitolite anyway, because you probably need +different rights for branches as well and Unix ACLs can't do that.