Raulo Olapodrido <[email protected]> writes:

and have all users directly work in that directory, git aside.

This currently is not possible, because new files (for example generated via "pass insert") are getting a file permission mask of 0600, and no other user than its creator can read its contents.

The restrictive permission mask may be good practice, but seems to be unnecessary, because the content is already protected by the encryption. Furthermore, it disables the use of a commonly shared password store.

It looks like pass applies umask of 077 by default, but you can set a less restrictive mask by setting PASSWORD_STORE_UMASK to a value of your liking. E.g., «export PASSWORD_STORE_UMASK=007» should give full access to your user group for newly created files.

However, sharing a git repository and working directory among multiple users might cause you some problems (which you may already have considered). E.g., users might interact with the repository without using a permissive umask (either by not setting PASSWORD_STORE_UMASK or by using git directly with their default umask) or with their primary user group set to something unexpected.

Kind regards,

SR

--
Insane cobra split the wood
Trader of the lowland breed
Call a jittney, drive away
In the slipstream we will stay
_______________________________________________
Password-Store mailing list
[email protected]
https://lists.zx2c4.com/mailman/listinfo/password-store
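
A check for the two failure modes raised in the reply above (files created under a restrictive umask, or with an unexpected group), as an added example that is not part of the original message and not pass's own code. The names `create_entry`, `audit_store` and `demo`, and the temporary store they build, are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: find entries in a shared store that the group cannot use.

# Stand-in for "pass insert" (hypothetical helper, not pass's code): create
# a file under umask 077 unless PASSWORD_STORE_UMASK says otherwise.
create_entry() {
    ( umask "${PASSWORD_STORE_UMASK:-077}"; : > "$1" )
}

# audit_store DIR GROUP
# Print every entry under DIR (the .git directory is skipped) that is not
# owned by GROUP, lacks group read/write, or is a directory without group
# search permission.
audit_store() {
    find "$1" -name .git -prune -o \( \
        ! -group "$2" -o \
        ! -perm -060 -o \
        \( -type d ! -perm -010 \) \
    \) -print
}

# Build a constructed store with one entry per umask and audit it.
demo() {
    store=$(mktemp -d) || return 1
    chmod 770 "$store"
    # Numeric group of the store itself is the group we expect everywhere.
    group=$(ls -ldn "$store" | awk '{print $4}')
    create_entry "$store/default.gpg"                         # mode 0600
    ( PASSWORD_STORE_UMASK=007; create_entry "$store/shared.gpg" )  # 0660
    audit_store "$store" "$group" | sed "s|^$store/||"
    rm -rf "$store"
}

demo   # prints: default.gpg
```

Running `audit_store` against the real store directory with the shared group's name lists what a user created without the permissive umask or under a different primary group.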
