Received: from spf5.us4.outblaze.com (spf5.us4.outblaze.com [205.158.62.27]) by sdf.lonestar.org (8.13.1/8.12.10) with ESMTP id j13L6gNw003432 for ; Thu, 3 Feb 2005 21:06:44 GMT Received: from lists.gnu.org (lists.gnu.org [199.232.76.165]) by spf5.us4.outblaze.com (Postfix) with ESMTP id 887AE77160 for ; Thu, 3 Feb 2005 21:07:28 +0000 (GMT) Received: from localhost ([127.0.0.1] helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1CwoP1-0000xf-0h for migo@homemail.com; Thu, 03 Feb 2005 16:20:39 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1CwoNx-0000iZ-Ju for gnu-arch-users@gnu.org; Thu, 03 Feb 2005 16:19:33 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1CwoNq-0000dN-D4 for gnu-arch-users@gnu.org; Thu, 03 Feb 2005 16:19:28 -0500 Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1CwoNq-0000cX-2A for gnu-arch-users@gnu.org; Thu, 03 Feb 2005 16:19:26 -0500 Received: from [129.255.60.186] (helo=ct.radiology.uiowa.edu) by monty-python.gnu.org with esmtp (Exim 4.34) id 1Cwo59-0005eQ-1M for gnu-arch-users@gnu.org; Thu, 03 Feb 2005 16:00:07 -0500 Received: from [192.168.1.11] (12-217-241-0.client.mchsi.com [12.217.241.0]) by ct.radiology.uiowa.edu (8.11.6/8.11.6) with ESMTP id j13L04330250; Thu, 3 Feb 2005 15:00:04 -0600 Message-ID: <420290CE.1020700@arbash-meinel.com> Date: Thu, 03 Feb 2005 14:59:58 -0600 From: John A Meinel User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Colin Fox Subject: Re: [Gnu-arch-users] umask and permissions References: <42028BB4.3090100@cfconsulting.ca> In-Reply-To: <42028BB4.3090100@cfconsulting.ca> X-Enigmail-Version: 0.89.5.0 X-Enigmail-Supports: pgp-inline, pgp-mime Cc: gnu-arch-users@gnu.org X-BeenThere: gnu-arch-users@gnu.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: a discussion list for all things arch-ish List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: multipart/mixed; boundary="===============1854635527==" Sender: gnu-arch-users-bounces+migo=homemail.com@gnu.org Errors-To: gnu-arch-users-bounces+migo=homemail.com@gnu.org Status: RO Content-Length: 2956 Lines: 94 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============1854635527== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig64F949DB8E6D5D96BEFB996A" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig64F949DB8E6D5D96BEFB996A Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Colin Fox wrote: > Hi, all. > > I'd like to configure things such that when I update my archive, the new > update in the archive has the flags rwxrwx---, or even rwxrws---. I've > got my umask on my work machine to be 007, and the same on the archive > machine, but I'm getting rwxr-s---. > > Can anyone suggest anything? This may sound offtopic, but I'm trying to > work with a few developers on the same archive, and if I commit > something, they're not able to update unless I go into the archive and > manually override the permissions. We're all in the same group (devel), > so that's what I'd like to use to control access. > > Is the file mask being set by sshd (this is an sftp access archive), by > the source machine, the archive machine, or something else? > > Thanks > ~ cf I think it is a mix of the system settings and ssh. On my archive machine I have in /etc/profile if [ `id -u` -gt 99 ]; then umask 002 else umask 022 fi So that everyone who uses that machine gets a default umask of 002 (unless they are a service). This isn't optimal for some machines, but it works for mine. I assume you set your umask in .bashrc (or it's equivalent). I don't think that is loaded by sftp. Have you checked this page? http://wiki.gnuarch.org/moin.cgi/Centralized_20Development It offers a few solutions. One involving using a simple shell wrapper around sftp to set the umask before calling the real sftp. Another one is to use a custom ssh-key for arch, which automatically runs your wrapper script instead of sftp. I'm guessing one of the permutations will work for you. John =:-> --------------enig64F949DB8E6D5D96BEFB996A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (Cygwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCApDOJdeBCYSNAAMRAmjwAJ0eUuhYRI9GX4RbUzJ7Q1X1MwLh6wCgnAfE Xc2Jv8wqkF5zJrlP1Nkoimk= =Vv9J -----END PGP SIGNATURE----- --------------enig64F949DB8E6D5D96BEFB996A-- --===============1854635527== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Gnu-arch-users mailing list Gnu-arch-users@gnu.org http://lists.gnu.org/mailman/listinfo/gnu-arch-users GNU arch home page: http://savannah.gnu.org/projects/gnu-arch/ --===============1854635527==--