2

I've followed the example listed at this site in remotely adding my files to my server, however, I'd like to have all files owned by the nginx:nginx user:group so that I can access the files from my browser after pushing the files.

How do I go about amending the post-receive hook so that nginx:nginx becomes the owner of the files/folders pushed to the remote 'ubuntu` server?

I've tried the following post-receive hook, however, if the file is being amended I receive the error: remote: error: unable to unlink old 'index.html' (Permission denied), shell script here:

#!/bin/sh
GIT_WORK_TREE=/var/www/www.foo.com/htdocs
export GIT_WORK_TREE
git checkout -f
exec sudo chown -R nginx:nginx $GIT_WORK_TREE

Thanks advance for any help!

rs77
  • 8,737
  • 2
  • 19
  • 19

1 Answers1

0

It is usually the result of a process not releasing those files (preventing the git checkout to do its jobs), as described in "Git Checkout warning: unable to unlink files, permission denied".

But it could also be the result of your sudo command to have worked successfully once, making any future execution of your hook fail because it no longer has the right to checkout as the 'git' user.

If it is the case, your hook should sudo as nginx:nginx your current git command, instead of chown the end result (the web working tree).

The OP confirms:

In the git post-receive hook I now have exec sudo -u nginx -g nginx ~/test.sh (test.sh contains the GIT_WORK_TREE contents above).
However, I'm getting another permission error: remote: fatal: Unable to create '/home/ubuntu/foo.git/index.lock': Permission denied.
After running ~/test.sh, do I need to go back to ubuntu:ubuntu?

I suggests:

Declare you repo as "shared by all" as in "Using Git without Sudo in many accounts".

Which seems to solve the issue:

I set the config to shared=true as per the post mentioned and it seems to be working now.

Community
  • 1
  • 1
VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • Thanks VonC for your reply. I have changed the `htdocs` folder back to `ubuntu:ubuntu` and when I make a change to the `index.html` file on my local machine I `git add .` then `git commit -m "blah"` followed by `git push web`, the change is made to the remote server at `/var/www/www.foo.com/htdocs/` but the owner is still `ubuntu:ubuntu`. How would I change the ownership of the files on the server to `nginx:nginx`? Is it something a git hook can do? Thanks again. – rs77 Sep 23 '12 at 01:09
  • @rs77 my point was for you to execute the script as `nginx:nginx` with `sudo`, in order for the `git checkout` to be executed as `nginx:nginx`. So your hook would contain only one line, the `sudo` command which would call *another* script (which checkout files), but call it with the right end user. – VonC Sep 23 '12 at 01:17
  • Thanks again VonC, in the git `post-receive` hook I now have `exec sudo -u nginx -g nginx ~/test.sh` (test.sh contains the `GIT_WORK_TREE` contents above), however, I'm getting another permission error: `remote: fatal: Unable to create '/home/ubuntu/foo.git/index.lock': Permission denied`. After running `~/test.sh` do I need to go back to `ubuntu:ubuntu`? Thanks again so much for your help. – rs77 Sep 23 '12 at 01:53
  • You might had another `sudo` before you `sudo` (still in your hook) in order to protect `/home/ubuntu.foo.git` (and just that directory) as `nginx:nginx` before making the checkout. Then add a third `sudo` *after* your original `sudo` in order to protect that `.git` repo directory back to `ubuntu:ubuntu`. – VonC Sep 23 '12 at 01:56
  • That or declare you repo as "shared by all": http://stackoverflow.com/questions/1367258/using-git-without-sudo-in-many-accounts – VonC Sep 23 '12 at 01:57
  • Thanks VonC! I set the `config` to `shared=true` as per the post mentioned and it seems to be working now. Thank you! – rs77 Sep 23 '12 at 14:34