Search code examples
mercurialfile-permissionspost-update

Permissions are too open after pushing from Windows to Bitbucket, then pulling to a Linux server?


I write code on my local machine. I push the code to a Mercurial repo in Bitbucket. Then, I log into the client's webserver and "pull/update" from the Bitbucket repo to the server.

The problem is the that their account is on a shared server, running suphp, and the security settings only allow suphp to serve files chmod'ed 644 (-rw-r--r--). But every time I pull from the Bitbucket repo, the file permissions change to 664 (-rw-rw-r--).

This is not a problem of too strict permission, as others have had trying to sync Hg repos. Nor is it an issue of Mercurial NOT copying the file permissions. (Hg used to copy only the eXecute bit, but now copies all permissions.)

I suspect that I could change the permissions somehow on my Windows machine to be more restrictive and that may fix it, but I'm not sure how Windows permissions translate into Linux "owner/group/world" settings. (The files on my Windows machine allow "Full Control" to the my account, the "Administrators" Group, and "SYSTEM", all permissions they inherit from the containing folder, which is within My Documents.)

Does anyone have a solution to this problem? Could I do a post-update hook on the Linux box to chmod 644 find . -type f?


Solution

  • set umask in your login profile, e.g. ~/.bash_profile

    umask 033
    

    man umask for details.