possible? less restrictive file permissions

William Morris me at williammorris.com
Wed Aug 22 17:47:23 CEST 2018


I'd like to see an automatic `push` config or command option in `pass`.
Maybe this could be integrated with improvements to signing.
https://help.github.com/articles/signing-commits-using-gpg/

The permissions can be annoying to setup right, but one option is to
use a bare git repo stored in a local directory using group permissions.
https://serverfault.com/questions/26954/how-do-i-share-a-git-repository-with-multiple-users-on-a-machine


On 08/22/2018 09:10 AM, Raulo Olapodrido wrote:
> Hi list,
> 
> I would like to use Ansible's pass plugin to extend Ansible with a
> flexible database for sensitive information (passwords, certificates etc).
> 
> This works very well(!) for a single user. By using gpg's group feature,
> it is possible to encrypt entries for multiple users. Yay!
> 
> Still, the pass directory is in the user's own home directories, and
> have to be pulled from/pushed to a common git repository, to be shared
> with everyone.
> 
> While this is natural to some, some users not used to Git will have
> problems, like forgetting to pull/push, and being unable to handle
> conflicts.
> 
> Some of that can be made easier with automatic pull/push in ~/.bashrc
> and ~/.bash_logout respectively. However, a common local directory seems
> more approachable to me. The problem is, that newly created files get very
> restrictive file permissions, and cannot be read by other users, even of
> the same group.
> 
> I did not find remedies in the mailing list archive. Does anyone have an
> idea what could be tried?
> 
> Thanks!
> 
> Raulo
> 
> _______________________________________________
> Password-Store mailing list
> Password-Store at lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/password-store
> 


More information about the Password-Store mailing list