possible? less restrictive file permissions

Frank Thommen f.thommen at dkfz-heidelberg.de
Thu Aug 23 09:14:14 CEST 2018

Hi Raulo,

On 08/23/2018 08:04 AM, Raulo Olapodrido wrote:
> Hi all,
> thank you for your suggestions, but a commonly shared local git
> repository is not what I am looking for. I am rather seeking ways to
> just use something like
> PASSWORD_STORE_DIR=/var/local/password-store pass
> and have all users directly work in that directory, git aside.
> This currently is not possible, because new files (for example generated
> via "pass insert") are getting a file permission mask of 0600, and no
> other user than its creator can read its contents.
> The restrictive permission mask may be good practice, but seems to be
> unnessecary, because the content is already protected by the encryption.
> Furthermore, it disables the use of a commonly shared password store.
> Or am I missing something?

yes, you are missing the pass manpage :-): $PASSWORD_STORE_UMASK sets 
the umask for the password store.  As I alredy wrote, we are using a 
shared directory (NFS share, no git) in the group and it works just fine.


More information about the Password-Store mailing list