WebFaction
Community site: login faq

Sometimes my devs facing such a trouble. They have their application folders, and a clones of repos in them. And each developer also has his ssh/ftp user. When they perform smth. like "git pull origin dev" they sometimes get an error like this: unable to unlink old '.gitignore' (Permission denied)

When I do the same thing with the webfaction account root user - everything goes just fine. So custom ssh/ftp user is lacking rights for .git and .gitignore. When I try to change this - I'm getting "username is not in the sudoers file. This incident will be reported."

What am I doing wrong?

asked 09 Apr, 15:35

avalsorya's gravatar image

avalsorya
111
accept rate: 0%


The problem is that you're giving each developer a separate SSH user, instead of giving each git repository a separate SSH user.

When you have multiple SSH users all trying to access the same repository, each one is creating files owned by that user, and it results in permission conflicts like what you're seeing.

Generally speaking there's no need or use for each developer having a separate user. Git already tracks commits and who made them, so using git specifically solves the problem of ownership: everyone can commit via the same SSH user to a particular repository, and you still know (via the git commits) who did what. And it's simpler because there's no need to set and manage sets of ACL permissions.

If you have any questions about how exactly to implement this in a particular case, just ask and we'll be happy to elaborate. There's more than one way to do it.

Similarly, you can control who has access to which repositories by way of separating them into their own SSH users -- then, give the credentials for the appropriate repositories to the appropriate users. This is the simple way; if you need more control, something like gitolite might be more appropriate.

Now, taking this a step further, the way I prefer to manage this is to have a single SSH user for one website and its associated git repository(ies). Now, you can deploy directly from that repository to the website code, with all those files owned by the same SSH user, but with multiple developers and each of their commits tracked in git.

To fix the situation you're now in, we can help by chowning your files as you need -- just open a support ticket and let us know which directories and owners to change, and we'll be happy to do so for you. But ultimately this will continue to happen until you restructure so that any particular file is only modified by one SSH user.

Hope that helps!

permanent link

answered 10 Apr, 03:49

ryans's gravatar image

ryans ♦♦
5.0k42652
accept rate: 43%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×104
×100
×36
×25
×1

question asked: 09 Apr, 15:35

question was seen: 164 times

last updated: 10 Apr, 03:49

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2016 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM