I'd like to see an automatic `push` config or command option in `pass`. Maybe this could be integrated with improvements to signing. https://help.github.com/articles/signing-commits-using-gpg/
The permissions can be annoying to setup right, but one option is to use a bare git repo stored in a local directory using group permissions. https://serverfault.com/questions/26954/how-do-i-share-a-git-repository-with-multiple-users-on-a-machine On 08/22/2018 09:10 AM, Raulo Olapodrido wrote: > Hi list, > > I would like to use Ansible's pass plugin to extend Ansible with a > flexible database for sensitive information (passwords, certificates etc). > > This works very well(!) for a single user. By using gpg's group feature, > it is possible to encrypt entries for multiple users. Yay! > > Still, the pass directory is in the user's own home directories, and > have to be pulled from/pushed to a common git repository, to be shared > with everyone. > > While this is natural to some, some users not used to Git will have > problems, like forgetting to pull/push, and being unable to handle > conflicts. > > Some of that can be made easier with automatic pull/push in ~/.bashrc > and ~/.bash_logout respectively. However, a common local directory seems > more approachable to me. The problem is, that newly created files get very > restrictive file permissions, and cannot be read by other users, even of > the same group. > > I did not find remedies in the mailing list archive. Does anyone have an > idea what could be tried? > > Thanks! > > Raulo > > _______________________________________________ > Password-Store mailing list > Password-Store@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/password-store > _______________________________________________ Password-Store mailing list Password-Store@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/password-store