possible? less restrictive file permissions

Raulo Olapodrido raulo at olapodrido.xyz
Thu Aug 23 09:16:35 CEST 2018


you are absolutely right! Sorry I missed it. Thanks a lot for pointing
it out!

Kind regards

Am 23.08.18 um 09:14 schrieb Frank Thommen:
> Hi Raulo,
> On 08/23/2018 08:04 AM, Raulo Olapodrido wrote:
>> Hi all,
>> thank you for your suggestions, but a commonly shared local git
>> repository is not what I am looking for. I am rather seeking ways to
>> just use something like
>> PASSWORD_STORE_DIR=/var/local/password-store pass
>> and have all users directly work in that directory, git aside.
>> This currently is not possible, because new files (for example generated
>> via "pass insert") are getting a file permission mask of 0600, and no
>> other user than its creator can read its contents.
>> The restrictive permission mask may be good practice, but seems to be
>> unnessecary, because the content is already protected by the encryption.
>> Furthermore, it disables the use of a commonly shared password store.
>> Or am I missing something?
> yes, you are missing the pass manpage :-): $PASSWORD_STORE_UMASK sets
> the umask for the password store.  As I alredy wrote, we are using a
> shared directory (NFS share, no git) in the group and it works just fine.
> frank

More information about the Password-Store mailing list