One config setting that mighthelp here is core.sharedRepository, presented in the blog post "Preserving Group Write on Git Objects in a Collaborative Repository":

一个可能对这里有帮助的配置设置是core.sharedRepository，在博客文章“在协作存储库中保留 Git 对象上的组写入”中介绍：

The solution turned out to be fairly straightforward.
In the file .git/config, I added a line that read: "sharedRepository = group", like so:

[core]
    repositoryformatversion = 0
    filemode = true
    bare = false
    logallrefupdates = true
    sharedRepository = group

Thereafter, new files in .git/objectswere created with the proper permissions for group write.
(However, note that new files are group-owned by the primary group of the user account via which the push was received. If the users collaborating on the project have different primary groups, and if those users do not share membership in that set of groups, you may still run into problems.)

结果证明这个解决方案相当简单。
在文件中.git/config，我添加了一行内容：“ sharedRepository = group”，如下所示：

[core]
    repositoryformatversion = 0
    filemode = true
    bare = false
    logallrefupdates = true
    sharedRepository = group

此后，.git/objects使用适当的组写入权限创建了新文件。
（但是，请注意，新文件由接收推送的用户帐户的主要组拥有。如果在项目上协作的用户具有不同的主要组，并且如果这些用户不共享该组的成员资格组，您可能仍然会遇到问题。）

Make sure of the value of your umask:

确保您umask的价值：

Example: 0660will make the repo read/write-able for the owner and group, but inaccessible to others (equivalent to group unless umaskis e.g. 0022).

示例：0660将使所有者和组可以读/写 repo，但其他人无法访问（相当于组，除非umask是 eg 0022）。

The solution I use is to run the command as the userthat has the permissions you want to keep:

我使用的解决方案是以具有您要保留的权限的用户身份运行命令：

sudo -u user command

In this case, it could be:

在这种情况下，它可能是：

sudo -u www-data git pull

www-databeing the apache default user on Ubuntu at least.

www-data至少是 Ubuntu 上的 apache 默认用户。

This keeps the permissions from changing. I use it when updating git repositories on my VPS, while keeping the file permissions set to the webserver user.

这可以防止权限发生变化。我在更新 VPS 上的 git 存储库时使用它，同时将文件权限设置为网络服务器用户。