To aggregate the bits and pieces of good advice from the various other answers and comments about setting up a new repo:
If you're setting up a brand new repo myrepo in /srv/git for the group mygroup, this is what you want:
mkdir /srv/git/myrepo.git
chgrp mygroup /srv/git/myrepo.git
git init --bare --shared /srv/git/myrepo.git
- the first line creates the repo dir
- the second line sets its group to
mygroup - the third line initializes a bare repo with the following configuration:
core.bare = true: make it a bare repocore.sharedrepository = 1(same ascore.sharedrepository = group): the repo directory and all directories later created in it will be managed by git to allowmygroupread, write, and execute permissions (with the sgid bit set as well -- so as to work with users for whommygroupis not their primary group)receive.denyNonFastforwards = 1: deny non fast-forward pushes to the repo
If you want to fine-tune the user, group, or other users' permissions, use --shared=0NNN, where NNN are the standard user, group, and other bits for files (the execute and sgid bits on directories will be managed appropriately by git). For example, this allows read and write access to the user, and read-only access to the group (and no access to other):
git init --bare --shared=0640 /srv/git/myrepo.git
This allows read and write access to the user and group (and no access to other):
git init --bare --shared=0660 /srv/git/myrepo.git
This allows read and write access to the user and group, and read-only access to other:
git init --bare --shared=0664 /srv/git/myrepo.git
Note that if you're not going to allow write access to the group, make sure to first use chown to set the owner of the repo, and then run the git init command as that user (to make sure the repo is initialized with the correct owner for all the initial files and sub-directories).