Windows + CentOS + git server setup notes

Source: Internet  Editor: 程序博客网  Time: 2024/05/22 08:12

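Design:

On CentOS, create a user git that manages the shared folder.
Create the users who need to log in: man1 and man2.
Users log in and work from the git client on Windows.
Access permission assignment to implement:
[Figure]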

Some things you need to know:

Exiting ssh: exit
Transferring files:
man2@edemon-PC MINGW64 ~/man2 (master)
$ scp info man2@192.168.137.99:/home/man2
man2@192.168.137.99's password:
info

Listing users (IDs of 500 and above are users you created yourself):
cat /etc/passwd
For example:

$ sudo useradd -m jordan   # add a user; -m creates the home directory, without it no user folder is created
$ cat /etc/passwd
jordan:x:500:500::/home/jordan:/bin/bash

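About public and private keys:
The following material is from http://blog.csdn.net/tanyujing/article/details/17348321

Public and private keys are what is commonly called asymmetric encryption, an improvement over the earlier symmetric encryption (using a user name and password). The principle is explained here using e-mail.
The purpose of using public and private keys is to achieve secure e-mail, which must meet the following goals:
1. The content I send you must be encrypted, so that nobody else can read it while the mail is in transit.
2. It must be certain that the mail was sent by me and not by someone impersonating me.
To achieve this, both people exchanging mail must have a public key and a private key.
The public key is for everyone to use; you can publish it by e-mail or let others download it from a website. The public key is actually used for encryption and for verifying signatures. The private key is your own and must be stored very carefully, preferably protected with a password; the private key is used for decryption and for signing. As for ownership of the keys, the private key is held only by the individual. The roles of the two keys are: content encrypted with the public key can only be decrypted with the private key, and content encrypted with the private key can only be decrypted with the public key.
For example, say I want to send you an encrypted mail. First, I must have your public key, and you must have mine.
First, I encrypt the mail with your public key, which ensures that nobody else can read it and that it is not modified in transit. After receiving the mail, you decrypt it with your private key and can read the content.
Next, I encrypt the mail with my private key; when it reaches you, you can decrypt it with my public key. Because only I hold the private key, this guarantees that the mail was sent by me.
When A sends data to B, A encrypts with B's public key, so that only B can decrypt it; otherwise anyone could decrypt the message and the confidentiality of the data would be lost. Verification uses a sign-and-verify mechanism: when A sends data to everyone, A signs it with A's own private key, so that everyone who receives the message can verify the signature with A's public key and confirm that the message was sent by A.

The host and the virtual machines actually all communicate through a virtual router; through the host, the virtual router also lets the other virtual machines reach the external network.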


Problems you may run into along the way:

If you have not given your public key to git, operations such as git clone will run into a verification problem:
Problem: The authenticity of host '192.168.137.99 (192.168.137.99)' can't be established.

man2@edemon-PC MINGW64 ~
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
The authenticity of host '192.168.137.99 (192.168.137.99)' can't be established.
RSA key fingerprint is SHA256:KAYYu0Pe+Ma195kuhsL8kAUxaBTuoLfsUjLQ2HpkfzE.
Are you sure you want to continue connecting (yes/no)?

Fix for the problem: LF will be replaced by CRLF in man1_t

$ git add man1_t
warning: LF will be replaced by CRLF in man1_t.
The file will have its original line endings in your working directory.
Administrator@edemon MINGW64 ~/git_test (master)
$ git config core.autocrlf false

Problem: Failed to connect to proxy.com port 1234: Timed out

Administrator@edemon MINGW64 ~/git_test (master)
$ git push origin master
fatal: unable to access 'https://192.168.137.128:/home/data/git/project.git/': Failed to connect to proxy.com port 1234: Timed out

Changing the protocol from https to ssh is enough,
or edit /c/Users/Administrator/.gitconfig.

Problem: Not a git repository (or any of the parent directories): .git

Administrator@edemon MINGW64 ~/.ssh
$ git remote add origin ssh://192.168.137.128/home/data/git/project.git
fatal: Not a git repository (or any of the parent directories): .git
# Fix: change into your own repository (the folder that contains .git)
Administrator@edemon MINGW64 ~/git_test (master)
$ ls -a
./  ../  .git/  git_test/  man1.txt  man1_administrator
Administrator@edemon MINGW64 ~/git_test (master)
$ pwd
/c/Users/Administrator/git_test

Problem: fatal: remote origin already exists.
Fix:
$ git remote rm origin

Problem: insufficient permission for adding an object to repository

$ git push -u origin master
man1@192.168.137.99's password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 210 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
error: insufficient permission for adding an object to repository database ./objects
fatal: failed to write object
error: unpack failed: unpack-objects abnormal exit
To ssh://192.168.137.99/home/data/git/project.git
 ! [remote rejected] master -> master (n/a (unpacker error))
error: failed to push some refs to 'ssh://192.168.137.99/home/data/git/project.git'

Adding the user to the administrator's group fixes this.

Problem: failed to push some refs to

$ git push -u origin master
man2@192.168.137.99's password:
To ssh://192.168.137.99/home/data/git/project.git
 ! [rejected]        master -> master (fetch first)
error: failed to push some refs to 'ssh://192.168.137.99/home/data/git/project.git'
hint: Updates were rejected because the remote contains work that you do
hint: not have locally. This is usually caused by another repository pushing
hint: to the same ref. You may want to first integrate the remote changes
hint: (e.g., 'git pull ...') before pushing again.
hint: See the 'Note about fast-forwards' in 'git push --help' for details.

As the hint says, we need to pull the remote repository first.

man2@edemon-PC MINGW64 ~/man2 (master)
$ git pull ssh://192.168.137.99/home/data/git/project.git

Procedure:

$ useradd -m jordan
$ passwd jordan

Generate a separate public/private key pair for each of the four users above.

$ ssh-keygen -t rsa
Your identification has been saved in /home/git/.ssh/id_rsa.
Your public key has been saved in /home/git/.ssh/id_rsa.pub

Give the public keys of jordan, man1 and man2 to git. (These are the id_rsa.pub files they generated themselves; copy all the public keys into /home/git/.ssh/authorized_keys, one per line. "authorized" means approved, sanctioned, granted authority.)

[root@edemon .ssh]# pwd
/home/man1/.ssh
[root@edemon .ssh]# cat id_rsa.pub >> /home/git/.ssh/authorized_keys
[root@edemon .ssh]# cat /home/git/.ssh/authorized_keys
[root@edemon .ssh]# cat /home/man2/.ssh/id_rsa.pub >> /home/git/.ssh/authorized_keys
[root@edemon git]# chmod 755 /home/git/.ssh/authorized_keys

Initialize the git repository.
Create the nested directories:
mkdir -p /home/data/git
Create a bare repository:

[root@edemon git]# git init --bare project.git
Initialized empty Git repository in /home/data/git/project.git/
# chown -R git:git project.git
#  ls -l project.git
# ls -l
drwxr-xr-x 3 user group 102 Mar11 22:56 Filename

Prevent the git user from logging in with a shell:

git:x:501:501::/home/git:/bin/bash
change to:
git:x:501:501::/home/git:/usr/bin/git-shell

When trying to log in:
[root@edemon bin]# su git
fatal: What do you think I am? A shell?

Generate a public/private key pair in the git client on Windows:

ssh-keygen -t rsa
Enter same passphrase again:
Your identification has been saved in /c/Users/Administrator/.ssh/id_rsa.
Your public key has been saved in /c/Users/Administrator/.ssh/id_rsa.pub.

View the generated public key:
cat /c/Users/Administrator/.ssh/id_rsa.pub
Then log in as your own corresponding user on the server:
$ ssh man1@192.168.137.128
Save the public key data directly into a file of your own:

man1@edemon-PC MINGW64 ~
$ cd ~/.ssh
man1@edemon-PC MINGW64 ~/.ssh
$ ls -a
./  ../  id_rsa  id_rsa.pub
man1@edemon-PC MINGW64 ~/.ssh
$ cat id_rsa.pub
[man1@edemon ~]$ cat > t
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN9ZxuxP13LO/HpAI/28V1xWMAQqEp0JOG1o5UovYGMsdYUFAnHqGFvIYeDrsdiWgRReui9abQoq/ufV4b3K6CY+3em5OMx8NvhPWv9VC0HptS66x6Uzo18x8q2N6ve10rdHY7kNbDnuad0qd2WISadtaups7YFu92J1KVyip8tmc2zHPkslfx76n0R8qlpzHdf/cARUprt  +bo5vFLOOKV6DGsbc7k7NijoacpPq0CsPB2Ca8YVwU5ATgWdjuhnhIlxD8fNLVSqdpkCXEYuFcPJ0UGrQADVn6TdlpqMnE5jNoBVEM7ZQ7IbdvnIS4nVl3Gv/sQ47esgCeDIiDHVx57 Administrator@edemon
^Z
[1]+  Stopped                 cat > t
# The end-of-file key is ctrl+D. At the time I used ctrl+Z.
[man1@edemon ~]$ cat t

Every user does this; finally root appends the public keys from all the users' t files to /home/git/.ssh/authorized_keys (or everyone appends their own using the root account).
If you have not given your public key to git, operations such as git clone will run into a verification problem:

man2@edemon-PC MINGW64 ~
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
The authenticity of host '192.168.137.99 (192.168.137.99)' can't be established.
RSA key fingerprint is SHA256:KAYYu0Pe+Ma195kuhsL8kAUxaBTuoLfsUjLQ2HpkfzE.
Are you sure you want to continue connecting (yes/no)?

Of course, at the very beginning no user had given their public key to git, so we could only push ahead regardless. Even though login works, normal git branch operations do not.

man2@edemon-PC MINGW64 ~/.ssh
$ ssh man2@192.168.137.99
The authenticity of host '192.168.137.99 (192.168.137.99)' can't be established.
RSA key fingerprint is SHA256:KAYYu0Pe+Ma195kuhsL8kAUxaBTuoLfsUjLQ2HpkfzE.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.137.99' (RSA) to the list of known hosts.
man2@192.168.137.99's password:
[man2@edemon ~]$

The command for appending:

cat >> /home/git/.ssh/authorized_keys
(the copied content)
ctrl+D
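
One way to do the append step with the checks sshd cares about, as an added example that is not part of the original post; the function name add_authorized_key and the size limits are choices made here. It accepts only a single-line ssh-rsa or ssh-ed25519 public key, rejects key data that was cut short or split by whitespace during copy-paste, skips duplicates, and leaves the directory at 700 and the file at 600.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the post).
# Usage: add_authorized_key <file-with-one-public-key> <ssh-dir>
#   e.g. add_authorized_key /home/man1/t /home/git/.ssh   (as root, followed by
#        chown -R git:git /home/git/.ssh so the files belong to the account)
add_authorized_key() {
    pub=$1
    sshdir=$2
    auth="$sshdir/authorized_keys"

    [ -r "$pub" ] || { echo "cannot read $pub" >&2; return 2; }
    # A public key is exactly one line; a private key or a wrapped paste is not.
    [ "$(grep -c . "$pub")" -eq 1 ] || { echo "$pub: expected one key line" >&2; return 2; }
    ktype=$(grep . "$pub" | cut -d' ' -f1)
    blob=$(grep . "$pub" | cut -d' ' -f2)

    # The base64 data starts with the encoded key type and has a known size:
    # 68 chars for ed25519, at least 372 chars for RSA of 2048 bits or more.
    case "$ktype $blob" in
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5"*) [ "${#blob}" -eq 68 ] || blob= ;;
        "ssh-rsa AAAAB3NzaC1yc2E"*)          [ "${#blob}" -ge 372 ] || blob= ;;
        *) blob= ;;
    esac
    case $blob in
        ''|*[!A-Za-z0-9+/=]*) echo "$pub: missing, truncated or malformed key" >&2; return 2 ;;
    esac

    # Owner-only permissions: with StrictModes, sshd ignores key files that
    # group or others can write.
    ( umask 077; mkdir -p "$sshdir" && : >> "$auth" ) || return 1
    chmod 700 "$sshdir" || return 1
    chmod 600 "$auth" || return 1

    # Compare type and data only, so a different comment is still a duplicate.
    if cut -d' ' -f1,2 "$auth" | grep -qxF -- "$ktype $blob"; then
        return 0
    fi
    printf '%s\n' "$(grep . "$pub")" >> "$auth"
}
```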

Each person sets up a repository, staging area and working tree, in other words a git folder:

Administrator@edemon MINGW64 ~
$ mkdir "git_test"
Administrator@edemon MINGW64 ~
$ cd git_test/
Administrator@edemon MINGW64 ~/git_test
$ git init
Initialized empty Git repository in C:/Users/Administrator/git_test/.git/

Commit files locally, updating the staging area and working tree:

Administrator@edemon MINGW64 ~/git_test (master)
$ vi man1_administrator
Administrator@edemon MINGW64 ~/git_test (master)
$ git add man1_administrator
Administrator@edemon MINGW64 ~/git_test (master)
$ git commit -m "man1_administrator commit"
[master e74a4e9] man1_administrator commit
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 man1_administrator
 delete mode 100644 man1_t
$ git remote add origin ssh://192.168.137.128/home/data/git/project.git
$ git push -u origin master   # the -u option sets up branch tracking

Push to the server:

Administrator@edemon MINGW64 ~/git_test (master)
$ git remote add origin ssh://192.168.137.128/home/data/git/project.git
# /c/Users/Administrator/git_test
git push -u origin master  # send the files to the remote repository; -u also links the local master branch to the remote master branch

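// Interim note
// I tried to clone from the same local machine, but there is only the Administrator user, and annoyingly I can't even create new users (my Win8 is not activated), and the new desktop PC has no wireless card! So once again I have to set up the server on the desktop instead. What a pain!!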

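VMware's "restore default" settings:
1. Host-only mode: the virtual machine can only communicate internally with the host and cannot reach the external network. (VMNet1)
2. Bridge mode: after installing the guest system, no network adjustment is needed; the DHCP server in the physical network's "router" automatically detects the virtual machine and assigns it an IP address;
if there is no router, you can assign one manually in the system; as long as it is in the same subnet as the host and points to the same gateway, communication works. (VMNet0)
3. NAT mode: with several virtual machines installed on the host, they form a small LAN with the host; the host and the virtual machines can all communicate with each other, and the virtual machines can also reach the external network. (VMNet8)

The virtual machine is installed on the laptop, and the laptop's Win8 system is not activated, so I cannot freely add users; without adding users (to make the user name the same as the login user name on Linux) I cannot log in normally. I found that my desktop's Win7 works fine and lets me add users freely. So an idea was born: let the desktop log in remotely to the virtual machine and work from there. I grabbed a network cable and connected the desktop and the laptop, then set the IPs of all three to be in the same subnet.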


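A LAN made of "three computers"

The three are the virtual machine, the laptop and the desktop.

Set the virtual NIC eth0 to bridged
In VMware's Virtual Network Editor, set VMnet0 to bridged and VMnet8 to NAT. Set the guest's network adapter to bridged, with "replicate physical network connection state".

Change the IP settings:
vi /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR=192.168.137.99     # IP address
NETMASK=255.255.255.0     # netmask
GATEWAY=192.168.137.1     # gateway
BOOTPROTO=static          # gets rid of the "Determining IP information for eth0…failed" error (dhcp)

vi /etc/resolv.conf
Append the DNS name servers at the end:
nameserver 62.139.23.69
nameserver 204.98.94.68

Note: on the local Ethernet adapter, DNS, netmask and gateway are all set the same as on this virtual eth0; the IP is set manually.
The desktop's Ethernet settings are the same as the laptop's (again with a manually set IP; it only has to be in the same subnet).

Machine           IP               mask            gateway
Desktop           192.168.137.101  255.255.255.0   192.168.137.1
Laptop            192.168.137.109  255.255.255.0   192.168.137.1
Virtual machine   192.168.137.99   255.255.255.0   192.168.137.1

The desktop's gateway was not set at the time.

service network restart   # /etc/init.d/network

The three machines ping one another successfully.
[Figure]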


The permission-error case:

$ git push -u origin master
man1@192.168.137.99's password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 210 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
error: insufficient permission for adding an object to repository database ./objects
fatal: failed to write object
error: unpack failed: unpack-objects abnormal exit
To ssh://192.168.137.99/home/data/git/project.git
 ! [remote rejected] master -> master (n/a (unpacker error))
error: failed to push some refs to 'ssh://192.168.137.99/home/data/git/project.git'

This is exactly the permission-based file protection I want, and it must be put to good use.

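Add a group: pt_c. The project corresponds to the group pt_c, and all members of the group have access.

groupadd pt_c
# -G: supplementary group
# -g: initial (primary) group
[root@edemon git]# usermod -G pt_c man1   # user already exists
[root@edemon git]# useradd -G pt_c man1   # user does not exist
[root@edemon git]# usermod -g pt_c man1   # user already exists
[root@edemon git]# useradd -g pt_c man1   # user does not exist

For convenience, simply add the users who need access to the group of the user git that manages the files.

We use the commands:

[root@edemon git]$ usermod -G git -g git man1 # this is a bad command; the ones below are recommended:
[root@edemon git]$ gpasswd -a man1 git # add man1 to git
[root@edemon git]$ gpasswd -d man1 git # remove man1 from git

With that, files in project.git can be read and written.

cat /etc/group
jordan:x:500:
git:x:501:
man1:x:502:
man2:x:503:
Administrator:x:504:
pt_c:x:505:man1
# Delete a group (its members are not deleted):
[root@edemon project.git]# groupdel pt_c
groupdel: cannot remove the primary group of user 'man1'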

Meaning of the fields in ls -l output:
[root@edemon git]# ls -l|grep pro

permissions of each class   owner's permissions   owner   group   filesize   time    writeTime   filename
drwxr-xr-x.                 7                     git     git     4096       Aug 6   22:37       project.git

Give all members of the git group read and write permission:
View the file's detailed information:

[man1@edemon git]$ getfacl project.git/
# file: project.git/
# owner: git
# group: git
user::rwx
group::rwx
other::r-x

After man1 has been added to git as the initial group, normal usage looks like this:

# Push files to the server:
man1@edemon-PC MINGW64 ~/git_test (master)
$ git push -u origin master
man1@192.168.137.99's password:
Counting objects: 3, done.
Writing objects: 100% (3/3), 210 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://192.168.137.99/home/data/git/project.git
 * [new branch]      master -> master
Branch master set up to track remote branch master from origin.
# Clone:
man1@edemon-PC MINGW64 ~/git_test (master)
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man1@192.168.137.99's password:
remote: Counting objects: 3, done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (3/3), done.
Checking connectivity... done.
# Look at the cloned folder project:
man1@edemon-PC MINGW64 ~/git_test (master)
$ ls -l
total 1
-rw-r--r-- 1 man1 197121 17 八月  7 11:11 man1.txt
drwxr-xr-x 1 man1 197121  0 八月  7 13:27 project/
man1@edemon-PC MINGW64 ~/git_test (master)
$ cd project
man1@edemon-PC MINGW64 ~/git_test/project (master)
$ ls
man1.txt

man2, who has not been added to the git initial group, likewise cannot perform normal git branch operations:

man2@edemon-PC MINGW64 ~/git_learn (master)
$ git push -u origin master
man2@192.168.137.99's password:
To ssh://192.168.137.99/home/data/git/project.git
 ! [rejected]        master -> master (fetch first)
error: failed to push some refs to 'ssh://192.168.137.99/home/data/git/project.git'

When we add him to the git group.
Problem:

$ git push -u origin master
man2@192.168.137.99's password:
To ssh://192.168.137.99/home/data/git/project.git
 ! [rejected]        master -> master (fetch first)
error: failed to push some refs to 'ssh://192.168.137.99/home/data/git/project.git'
hint: Updates were rejected because the remote contains work that you do
hint: not have locally. This is usually caused by another repository pushing
hint: to the same ref. You may want to first integrate the remote changes
hint: (e.g., 'git pull ...') before pushing again.
hint: See the 'Note about fast-forwards' in 'git push --help' for details.

As the hint says, we need to pull the remote repository first.

man2@edemon-PC MINGW64 ~/man2 (master)
$ git pull ssh://192.168.137.99/home/data/git/project.git
man2@192.168.137.99's password:
warning: no common commits
remote: Counting objects: 3, done.
remote: Total 3 (delta 0), reused 0 (delta 0)
Unpacking objects: 100% (3/3), done.
From ssh://192.168.137.99/home/data/git/project
 * branch            HEAD       -> FETCH_HEAD
Merge made by the 'recursive' strategy.
 man1.txt | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 man1.txt
Contents of the file:
Merge ssh://192.168.137.99/home/data/git/project
man2 merge remote branch   # content filled in
# Please enter a commit message to explain why this merge is necessary,
# especially if it merges an updated upstream into a topic branch.
#
# Lines starting with '#' will be ignored, and an empty message aborts
# the commit.

After that, push and clone work normally.

man2@edemon-PC MINGW64 ~/man2 (master)
$ git remote add origin ssh://192.168.137.99/home/data/git/project.git
man2@edemon-PC MINGW64 ~/man2 (master)
$ git push -u origin master
man2@192.168.137.99's password:
Counting objects: 5, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (5/5), 486 bytes | 0 bytes/s, done.
Total 5 (delta 0), reused 0 (delta 0)
To ssh://192.168.137.99/home/data/git/project.git
   58f47da..2972d33  master -> master
Branch master set up to track remote branch master from origin.
man2@edemon-PC MINGW64 ~/man2 (master)
$ ls
info  man1.txt  man2.txt
man2@edemon-PC MINGW64 ~/man2 (master)
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man2@192.168.137.99's password:
remote: Counting objects: 8, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 8 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (8/8), done.
Checking connectivity... done.
man2@edemon-PC MINGW64 ~/man2 (master)
$ cd project/
man2@edemon-PC MINGW64 ~/man2/project (master)
$ ls
man1.txt  man2.txt

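Result

It is normal for the server to be slow; on a small self-built LAN, remote logins always hang for a moment.
To sum up, file protection on the git server has two layers: first, Linux user read/write permissions; second, git's RSA public/private key system. Without user permissions, even a git-shell login is a problem; and if the administrator git's /home/git/.ssh/authorized_keys does not contain the user's public key, normal git branch operations are not possible either. (The Windows login user name needs to be the same as the user name recorded on Linux.) If we want to implement access protection with per-file permissions, that is:

[Figure]
To implement the access scheme above on the server, first the RSA key pairs ensure that uploading files goes smoothly, and second the Linux group permissions must be set correctly. With these two layers of protection, a file service with differing permissions can be built. So we group users according to what they access, and each group corresponds to one remote repository. Put simply, this is done by setting up several repositories; going by the figure above, it could look like this:

Members             Files
man1, man2          B E
man1, man3          F
man1, man2, man3    C
man1                A, D

That is: files accessed by the same number of people and the same members can go into the same code repository. Then just repeat the procedure above. If the file system is not complex, this is feasible.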

Afterword

If the user jordan has not told git his public key, he will not be able to upload his files, but he can clone without trouble.

jordan@edemon-PC MINGW64 ~/jordan (master)
$ git push origin master
ssh: connect to host 192.68.137.99 port 22: Network is unreachable
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

A normal clone:

man1@edemon-PC MINGW64 ~/git_test (master)
# clone with the login name included
$ git clone ssh://man1@192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man1@192.168.137.99's password:
remote: Counting objects: 8, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 8 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (8/8), done.
Checking connectivity... done.
# the recommended way to clone
$ git clone ssh://192.168.137.99/home/data/git/project.git
# man2 can clone the same way.
# jordan can clone the same way.

Change the permissions:

[root@edemon git]# chmod -R 770 project.git
[root@edemon git]# cd project.git/
[root@edemon project.git]# ls -l
total 32
drwxrwx---.  2 git git 4096 Aug  6 20:34 branches
-rwxrwx---.  1 git git   66 Aug  6 20:34 config
-rwxrwx---.  1 git git   73 Aug  6 20:34 description
-rwxrwx---.  1 git git   23 Aug  6 20:34 HEAD
drwxrwx---.  2 git git 4096 Aug  6 20:34 hooks
drwxrwx---.  2 git git 4096 Aug  6 20:34 info
drwxrwx---. 12 git git 4096 Aug  7 21:33 objects
drwxrwx---.  4 git git 4096 Aug  6 20:34 refs

This time cloning no longer works.

jordan@edemon-PC MINGW64 ~/project (master)
$ git clone ssh://jordan@192.168.137.99/home/data/git/project.git
Cloning into 'project'...
jordan@192.168.137.99's password:
fatal: '/home/data/git/project.git' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

Changing the login name does not help either:

jordan@edemon-PC MINGW64 ~/project (master)
$ git clone ssh://man1@192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man1@192.168.137.99's password:
fatal: '/home/data/git/project.git' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.
jordan@edemon-PC MINGW64 ~/project (master)
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
jordan@192.168.137.99's password:
fatal: '/home/data/git/project.git' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

man2, who has submitted a public key but is not in the git group, cannot clone either:

man2@edemon-PC MINGW64 ~/man2/project (master)
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man2@192.168.137.99's password:
fatal: '/home/data/git/project.git' does not appear to be a git repository
fatal: Could not read from remote repository.
Please make sure you have the correct access rights
and the repository exists.

Only man1 can clone normally! For man1, who has both submitted a public key and is in the git group:

man1@edemon-PC MINGW64 ~/git_test (master)
$ git clone ssh://192.168.137.99/home/data/git/project.git
Cloning into 'project'...
man1@192.168.137.99's password:
remote: Counting objects: 8, done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 8 (delta 0), reused 0 (delta 0)
Receiving objects: 100% (8/8), done.
Checking connectivity... done.

Clone succeeded!

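Remove a user from a group:

[root@edemon ~]# gpasswd -d man2 git
Removing user man2 from group git
[root@edemon ~]# cat /etc/group |grep git
git:x:501:man1

Related files:
/etc/group
/etc/gshadow

Question: what does the execute permission x do for a directory?
For an ordinary file, the execute permission is easy to understand. For a directory (folder), x indicates that the user has permission to access and browse it; a user with this execute permission can search it recursively and view information about the other files in it.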
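
The chmod -R 770 step fixes the permission bits once, but objects written by later pushes get the pushing user's primary group and umask, so the insufficient-permission error can come back for the next group member. The following check is an added example, not part of the original post (the function name audit_shared_repo and its message labels are made up here); it lists what in a bare repository breaks group-only access, including the directory x bit from the question above.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the post).
# Usage: audit_shared_repo <bare-repo-dir> <group>
#   e.g. audit_shared_repo /home/data/git/project.git git
# Prints one line per finding; returns 0 if clean, 1 if findings, 2 on misuse.
audit_shared_repo() {
    repo=$1
    grp=$2
    if [ ! -d "$repo/objects" ] || [ ! -d "$repo/refs" ]; then
        echo "$repo: no objects/ and refs/, not a bare repository" >&2
        return 2
    fi
    problems=$(
        # Group bits only help the members if the entry belongs to that group.
        find "$repo" ! -group "$grp" -exec printf 'wrong-group %s\n' {} \;
        # Directories: r lists, w creates or deletes entries, x enters;
        # a push needs all three on objects/ and refs/.
        find "$repo" -type d ! -perm -070 -exec printf 'dir-not-group-rwx %s\n' {} \;
        # setgid on a directory makes new entries inherit its group instead of
        # the primary group of whoever pushed.
        find "$repo" -type d ! -perm -2000 -exec printf 'dir-no-setgid %s\n' {} \;
        # Files must at least be group-readable (git keeps objects read-only).
        find "$repo" -type f ! -perm -040 -exec printf 'file-not-group-readable %s\n' {} \;
        # The 770 goal of the post: no access at all for users outside the group.
        find "$repo" \( -type d -o -type f \) \
            \( -perm -004 -o -perm -002 -o -perm -001 \) \
            -exec printf 'other-access %s\n' {} \;
    )
    if [ -z "$problems" ]; then
        return 0
    fi
    printf '%s\n' "$problems"
    return 1
}
```

Creating the repository with `git init --bare --shared=0660` makes git itself keep new files group-accessible and closed to others, so the check stays clean after later pushes.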

