From: Stefan Sperling Subject: Re: got send – got-send-pack: unexpected end of file To: Sylvain Saboua Cc: Gameoftrees Date: Sat, 17 Jan 2026 10:26:10 +0100 On Sat, Jan 17, 2026 at 12:19:36AM +0100, Sylvain Saboua wrote: > On 2026-01-16 23:57, Sylvain Saboua wrote: > > Problem solved ! I forgot to fix the permissions when tinkering with the > > hierarchy of my repertoires. > > Would you please tell me if this looks reasonable : > > nvm, I did as you advised in a previous email : > https://marc.info/?l=gameoftrees&m=176544472821318&w=2 > > $ cd /home/git > $ doas chown -R _gotd:_gotwebd . > $ doas chmod 750 . * > > Seems to work all round now, although I'm curious as per the 'correct' > permissions, if any (?) Ideally, only _gotd is allowed to read/write repositories, and nobody else is allowed to even read them. Otherwise, if we set a 'deny' rule in /etc/gotd.conf for a user which uses a regular shell rather than gotsh, this user might still be able to directly access repositories on disk anyway, bypassing the 'deny' access rule. Allowing _gotwebd to read repositories is fine if you intend to run gotwebd. Otherwise this is not needed. Similar permit/deny rules can be set for other users in /etc/gotwebd.conf, allowing or denying read access.