The solution I have used in the past is to change the umask in /etc/profile and /etc/login.defs to 002. You have to do both, otherwise files added via ssh and other means don't get the right mask. The disadvantage is that now all files get created as 775,664, when you only really need it for one directory. There is a better way, enter filesystem acls.
First, change your /etc/fstab to include the 'acl' option for the mount point where your repo resides:
/dev/sda1 / ext3 defaults,acl 0 0
Do some of the regular prep to make sure you files are owned right, and dirs have the sticky bit set.
chown -R user:group /code
chown -R g+w /code
find /code -type d -exec chmod g+s {} \;
Use setfacl to set the default acls for new files and directories:
setfacl -R -m d:u::rwx,d:g::rwx,d:o:r-x /code
And check the result with 'getfacl'. Also when you use 'ls', you should see a '+' at the end of the usual permissions string that indicates there are more acls:
drwxrwsr-x+
No comments:
Post a Comment