Umask for documentarians on docs.nyc1.psf.io

Question

Umask for documentarians on docs.nyc1.psf.io

JulienPalard opened this issue 5 years ago · 2 comments

Currently we're all having a umask of 007, so if we create a directory the docsbuild-scripts won't be able to touch it.

@ewdurbin would it be a good idea to set it to 002 (so if we create a directory it would go as 775) and setting S_ISGID (2000) bit on /srv/docs.python.org (and all directory of the herarchy) so anything created under it is still owned by the docs group?

Answer 1 · 2019-10-29T11:07:40.000Z

That directory isn't currently managed by salt at all, so it can either be set directly by an administrator (such as yourself) or we can configure salt to manage the permissions.

Answer 2 · 2020-01-22T17:14:39.000Z

For the S_ISGID bit we can dot it, yes, but for the umask, do you think it's a good idea to move it from 007 to 002?

I don't know where this strange 007 umask come from on docs.nyc1.psf.io, there's a UMASK 027 in /etc/login.defs, which is not 007, I don't know which part gave me the 0 for the group bit.