git --bare 和 --shared 目录之间的实际区别是什么?
[英]What is the practical difference between a git --bare and --shared directory?
问题描述
The docs state
文档状态
--bare
Create a bare repository.
and和
--shared[=(false|true|umask|group|all|world|everybody|0xxx)]
Specify that the Git repository is to be shared amongst several users.
The option can have the following values, defaulting to group if no value is given: ...
I always thought我一直以为
- If I work alone, I can just work in a directory / project without a remote (no bare repo needed)如果我一个人工作,我可以在没有遥控器的目录/项目中工作(不需要裸仓库)
- If I share my work I just use Github or something similar or just create my own remote using "--bare" option.如果我分享我的工作,我只是使用 Github 或类似的东西,或者只是使用“--bare”选项创建我自己的遥控器。
Why do I need anything else?为什么我还需要其他东西? What does "shared" mean? “共享”是什么意思? (For the "bare" option see also this question ). (对于“裸”选项,另见这个问题)。 And I just tested that git init --shared=all is possible and thus independent of --bare .我刚刚测试了git init --shared=all是可能的,因此独立于--bare 。 (Which was a surprise after reading this question ) (读完这个问题后很惊讶)
2 个解决方案
解决方案1
4 已采纳 2021-07-26 15:45:11
Like the link you mentioned, the two aren't mutually exclusive.就像您提到的链接一样,两者并不相互排斥。 --shared is used mainly for managing permissions, and --bare is to create a repo without a working directory, and it's used for sharing. --shared主要用于权限管理,-- --bare是创建一个没有工作目录的repo,用于共享。 This link was helpful for me: https://serverfault.com/a/113688这个链接对我很有帮助: https : //serverfault.com/a/113688
解决方案2
2 2021-07-26 22:51:02
As saxo said , these two options can (and sometimes do) work in tandem:正如saxo 所说,这两个选项可以(有时确实)协同工作:
--baremakes a bare repository , ie, a repository with no working tree.--bare创建一个裸仓库,即一个没有工作树的仓库。--shared= modemakes sure that Git uses Unix-style permissions on its own internal files according to themodeargument.--shared= mode确保 Git 根据mode参数对其内部文件使用 Unix 风格的权限。 This is not likely to work on anything that is not a Unix-like system, but since Linux is a Unix-like system, it works well on Linux servers.这不太可能在任何非类 Unix 系统上运行,但由于 Linux 是类 Unix 系统,因此它在 Linux 服务器上运行良好。
A bare repository—one with no working tree—cannot have any work done in it.一个裸仓库——一个没有工作树的仓库——不能在其中完成任何工作。 This makes it an ideal recipient for work done elsewhere .这使它成为在其他地方完成的工作的理想接受者。 That work-done-elsewhere arrives at the server computer via git push .在别处完成的工作通过git push到达服务器计算机。
A non-bare repository can have work done in it.非裸存储库可以在其中完成工作。 Suppose someone has logged on to the server, and is performing ongoing work in the non-bare repository.假设有人已登录到服务器,并且正在非裸存储库中执行正在进行的工作。 Suddenly, someone on some other computer runs git push server branch .突然,其他计算机上的某人运行git push server branch 。 This is a request that the server accept new commits and update its (the server's) branch named branch .这是服务器接受新提交并更新其(服务器的)名为branch的请求。 But the person who is working on the server is in the middle of making updates to that same branch.但是在服务器上工作的人正在对同一分支进行更新。 How will Git reconcile the incoming updates with the logged-in-on-the-server-user's updates? Git 将如何将传入的更新与登录到服务器的用户的更新进行协调? The answer is: It won't.答案是:不会。 The server Git will refuse the incoming update, because some user is potentially doing work on the server.服务器 Git 将拒绝传入的更新,因为某些用户可能正在服务器上工作。
Since a bare repository has no working tree, it is impossible to do any work in it.由于裸仓库没有工作树,因此不可能在其中做任何工作。 Therefore, no one is working on this bare repository on the server.因此,没有人在服务器上处理这个裸存储库。 Therefore it is safe to accept an incoming push.因此,接受传入的推送是安全的。 Conclusion: non-bare = not-safe;结论:非裸 = 不安全; bare = safe.裸 = 安全。 A --bare clone, on a server, can accept pushes.服务器上的--bare克隆可以接受推送。 Hence, server clones are normally bare.因此,服务器克隆通常是裸的。
The shared stuff is much more complicated.共享的东西要复杂得多。 Given that you have a Linux server with a bare clone, we now ask: Who has access to this Linux server?鉴于您有一台带有裸克隆的 Linux 服务器,我们现在问:谁可以访问这台 Linux 服务器? How do they log in to the server?他们如何登录服务器? Does this affect their ability to use git push ?这会影响他们使用git push的能力吗? The answers here vary, hugely .这些问题的答案在这里有所不同,巨大的。 For instance, the servers that GitHub run don't allow users to log in at all, but do allow, via specialized tricks, ssh push access, as long as the users push as a pseudo-user named git .例如,GitHub 运行的服务器根本不允许用户登录,但允许通过专门的技巧ssh推送访问,只要用户以名为git的伪用户身份推送。 This method bypasses all the normal Linux security stuff, and the --shared mode stuff becomes irrelevant.这种方法绕过了所有正常的 Linux 安全性内容,而--shared模式的内容变得无关紧要。
Other systems, however, do allow users to ssh in. Some users have full access as themselves (so that they can use sudo and/or do other administrative tasks directly on the server).但是,其他系统确实允许用户通过 ssh 进入。一些用户拥有自己的完全访问权限(以便他们可以直接在服务器上使用sudo和/或执行其他管理任务)。 Other users may have more limited access, but still as themselves .其他用户可能有更有限的访问权限,但仍然是他们自己。 They "log in" on the server and have a user ID, and with that, user and group IDs and accompanying permissions.他们在服务器上“登录”并拥有一个用户 ID,以及用户和组 ID 以及随附的权限。
The Linux permissions model allows Git to work with the Linux group-permissions model, provided that the Git repository itself contain group-writable directories. Linux 权限模型允许 Git 使用 Linux 组权限模型,前提是 Git 存储库本身包含组可写目录。 Since Git creates new directories on its own (during, eg, git push operations), these newly-created directories must have the correct permissions—specifically, group-write permission (and correct group ownership, which is managed separately, not by Git).由于 Git 自行创建新目录(例如,在git push操作期间),这些新创建的目录必须具有正确的权限——特别是组写入权限(以及正确的组所有权,单独管理,而不是由 Git 管理) . To make this happen automatically, the adminstrator should create this repository with --shared=group or similar.要自动执行此操作,管理员应使用--shared=group或类似参数创建此存储库。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.