-1

I'm trying to git clone a project onto my server. Yet I get a permission denied error.

If I create a new folder with chmod 777 permissions, it works.

What permission level should a folder have to use git clone into it?

Martin
  • 628
  • 1
  • 9
  • 28
panthro
  • 22,779
  • 66
  • 183
  • 324
  • 2
    You're saying you create a *local* folder and git clone there? AFAIK the only thing you need to be able where you clone into is create a new folder. In other words: you need to have write permission in the folder that you want to clone into. – Joachim Sauer Jun 22 '22 at 13:05
  • 1
    You can test with `mkdir delme`: if that works, `git clone` will work too. – joanis Jun 22 '22 at 13:16
  • 1
    can you please describe in more details the command you type to clone, and the location (working directory) you are in when you run that command ? – LeGEC Jun 22 '22 at 13:31
  • @joanis that does not work – panthro Jun 22 '22 at 13:49
  • @JoachimSauer "you need to have write permission in the folder that you want to clone into" and how do you do that? – panthro Jun 22 '22 at 13:49
  • 1
    Your answer is [here](https://stackoverflow.com/a/40979016/14632769) – vinceAmstoutz Jun 22 '22 at 14:43
  • 3
    Whatever you are hoping to accomplish, **`chmod 777` is *wrong* and *dangerous.*** You will want to revert to sane permissions ASAP (for your use case, probably `chmod 755`) and if you have had world writable system files on a public-facing system, at the very least investigate whether it could have been breached and used as a pivot point for breaking into your organization’s network. – tripleee Jun 22 '22 at 14:47
  • Does this answer your question? [How to add chmod permissions to file in Git?](https://stackoverflow.com/questions/40978921/how-to-add-chmod-permissions-to-file-in-git) – YesThatIsMyName Jun 23 '22 at 08:12

1 Answers1

2

The git clone command, used as:

git clone <url> <destination>

or:

git clone <url>

is shorthand for:

  1. Make a new, empty directory (empty folder) as specified by the destination argument, or, if it's omitted, as specified by reading the supplied URL and turning that into a best-guess name (the guess is usually fine). There's one exception to this rule and that is if the destination argument is already a directory (folder), it must be empty, and then git clone uses it, rather than making it.

  2. In that new directory (folder), create a new empty repository with git init. This creates a sub-directory (sub-folder) named .git and populates it with files.

  3. In that same directory, run git remote add: this updates the .git/config file created in step 2. This command needs at least two arguments; one of them is supplied by the url you gave, and the other defaults to the name origin (but you can add options to git clone to use some other name, if you want). This name is the name of a remote. There's no reason to use anything other than origin here, and below, I'll assume you didn't change this.

  4. Again in that same directory, run any additional git config commands required (as specified by options).

  5. Again in that same directory, run git fetch origin. This populates the empty Git repository created in step 2 with commits and other internal Git objects. There are, as yet, no files in the main directory (only in the hidden .git sub-directory). It also reads out the other Git repository's branch names, and uses those to make remote-tracking names (not branch names!) in your new repository. You thus have all the commits, but no branches.

  6. Finally, run git checkout or git switch in that same directory, to extract some particular commit, as found by some particular remote-tracking name, creating, in the process, one branch name in your own new repository. This last step will create files and sub-directories within the directory created in step 1.

This means that the permissions required are:

  • creation of a directory (folder) somewhere, as specified by the destination argument (possibly implied);
  • creation of directories (folders) within that directory;
  • creation of files within that directory and any created subdirectories;
  • read-back permission on such files and directories.

On a Unix-like system, this requires rwx permission for you, the user (mode 0700 at a minimum) on the destination path. The typical setting on most systems is 0755 (rwxr-xr-x) or 0750 (rwxr-x---). Git will, internally, ask for mode 0777 (rwxrwxrwx) on directories and 0666 (rw-rw-rw-) on files, but your umask setting—which is pretty typically 022—will take away write permission for group and/or other, and possibly more permissions. For instance, a umask setting of 077 takes away ---rwxrwx so that a request to create as rw-rw-rw- winds up creating as rw-------. Note how the bits that are set in the "umask" wind up cleared (not-set) in the final file or directory.

Non-Unix-like systems, e.g., those with ACLs, are often much more complicated and generally require a much more complicated setup to administer.

torek
  • 448,244
  • 59
  • 642
  • 775