|
|
|
@ -214,6 +214,10 @@
|
|
|
|
|
manually to update permissions. This feature is enabled by
|
|
|
|
|
default.
|
|
|
|
|
|
|
|
|
|
yadm.auto-private-dirs
|
|
|
|
|
Disable the automatic creating of private directories described
|
|
|
|
|
in the section PERMISSIONS.
|
|
|
|
|
|
|
|
|
|
yadm.ssh-perms
|
|
|
|
|
Disable the permission changes to $HOME/.ssh/*. This feature is
|
|
|
|
|
enabled by default.
|
|
|
|
@ -423,12 +427,9 @@
|
|
|
|
|
|
|
|
|
|
## PERMISSIONS
|
|
|
|
|
When files are checked out of a Git repository, their initial permis-
|
|
|
|
|
sions are dependent upon the user's umask. This can result in confiden-
|
|
|
|
|
tial files with lax permissions.
|
|
|
|
|
|
|
|
|
|
To prevent this, yadm will automatically update the permissions of con-
|
|
|
|
|
fidential files. The "group" and "others" permissions will be removed
|
|
|
|
|
from the following files:
|
|
|
|
|
sions are dependent upon the user's umask. Because of this, yadm will
|
|
|
|
|
automatically update the permissions of some file paths. The "group"
|
|
|
|
|
and "others" permissions will be removed from the following files:
|
|
|
|
|
|
|
|
|
|
- $HOME/.yadm/files.gpg
|
|
|
|
|
|
|
|
|
@ -440,8 +441,20 @@
|
|
|
|
|
|
|
|
|
|
yadm will automatically update permissions by default. This can be dis-
|
|
|
|
|
abled using the yadm.auto-perms configuration. Even if disabled, per-
|
|
|
|
|
missions can be manually updated by running yadm perms. The SSH direc-
|
|
|
|
|
tory processing can be disabled using the yadm.ssh-perms configuration.
|
|
|
|
|
missions can be manually updated by running yadm perms. The .ssh
|
|
|
|
|
directory processing can be disabled using the yadm.ssh-perms configu-
|
|
|
|
|
ration. The .gnupg directory processing can be disabled using the
|
|
|
|
|
yadm.gpg-perms configuration.
|
|
|
|
|
|
|
|
|
|
When cloning a repo which includes data in a .ssh or .gnupg directory,
|
|
|
|
|
if those directories do not exist at the time of cloning, yadm will
|
|
|
|
|
create the directories with mask 0700 prior to merging the fetched data
|
|
|
|
|
into the work-tree.
|
|
|
|
|
|
|
|
|
|
When running a Git command and .ssh or .gnupg directories do not exist,
|
|
|
|
|
yadm will create those directories with mask 0700 prior to running the
|
|
|
|
|
Git command. This can be disabled using the yadm.auto-private-dirs
|
|
|
|
|
configuration.
|
|
|
|
|
|
|
|
|
|
## HOOKS
|
|
|
|
|
For every command yadm supports, a program can be provided to run
|
|
|
|
|