Browse Source

Add recommendation for using a private repository

pull/1/head
Tim Byrne 7 years ago
parent
commit
135ed8d4b7
  1. 3
      yadm.1
  2. 8
      yadm.md

3
yadm.1

@ -336,6 +336,9 @@ and provide the correct password. @@ -336,6 +336,9 @@ and provide the correct password.
After files are decrypted, permissions are automatically updated as described
in the PERMISSIONS section.
.BR NOTE :
It is recommended that you keep confidential files in a private repository,
even though they are encrypted.
.SH PERMISSIONS
When files are checked out of a Git repository, their initial permissions are
dependent upon the user's umask. This can result in confidential files with lax permissions.

8
yadm.md

@ -214,14 +214,16 @@ @@ -214,14 +214,16 @@
provide the correct password. After files are decrypted, permissions
are automatically updated as described in the PERMISSIONS section.
NOTE: It is recommended that you keep confidential files in a private
repository, even though they are encrypted.
## PERMISSIONS
When files are checked out of a Git repository, their initial permis-
When files are checked out of a Git repository, their initial permis-
sions are dependent upon the user's umask. This can result in confiden-
tial files with lax permissions.
To prevent this, yadm will automatically update the permissions of con-
fidential files. The "group" and "others" permissions will be removed
fidential files. The "group" and "others" permissions will be removed
from the following files:
- $HOME/.yadm/files.gpg
@ -231,7 +233,7 @@ @@ -231,7 +233,7 @@
- The SSH directory and files, .ssh/*
yadm will automatically update permissions by default. This can be dis-
abled using the yadm.auto-perms configuration. Even if disabled, per-
abled using the yadm.auto-perms configuration. Even if disabled, per-
missions can be manually updated by running yadm perms. The SSH direc-
tory processing can be disabled using the yadm.ssh-perms configuration.

Loading…
Cancel
Save