- deploy.sh: set /etc/pipekit to root:pipekit 0775 and secrets.env to pipekit:pipekit 0640 so group members can run 'pipekit secrets set' without sudo - cli.py secrets set: drop os.chown() on temp file — non-root users can't chown to the pipekit service user, and os.replace() preserves the target file's ownership anyway Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .archive/pre-rewrite | ||
| bin | ||
| pipekit | ||
| systemd | ||
| .gitignore | ||
| CLAUDE.md | ||
| config.yaml | ||
| deploy.sh | ||
| pipekit.db | ||
| requirements.txt | ||
| SPEC.md | ||