Bug 920714 - portage --sync should create new files/directories in repository to be group writable
Status: UNCONFIRMED
Alias: None
Product: Portage Development
Classification: Unclassified
Component: Enhancement/Feature Requests
Hardware: All Linux
: Normal normal
Assignee: Portage team
Reported: 2023-12-26 11:58 UTC by Matthias Nagel
Modified: 2024-01-24 21:58 UTC
Description Matthias Nagel 2023-12-26 11:58:48 UTC
Currently "portage --sync" creates new files/directories in the local repository according to the active umask setting, which typically results in files which are only writable by the owner but nobody else.

This makes it impossible for any other user than root to use "emerge --sync" even if that user is a proper member of the "portage" group. Portage should explicitly set the file permissions after sync and not rely on the umask setting (which may vary depending on the current user).

Bonus, if there was a configuration option (e.g. in /etc/portage/repos.d/) which allows setting the intended file permissions.

Steps to reproduce the issue:

 1. Add a user (e.g. "foo") to the group "portage"
 2. Gentoo FEATURES: userfetch userpriv usersandbox usersync
 3. Ensure that the /var/db/repos (and all descendants) are owned by "portage:portage" with access mode 2775 for directories and 0664 for files. The setgid flag for directories ensures that newly created directories/files are also owned by the portage group (instead of the primary group of the effective user).
 4. Run "emerge --sync" as one user
 5. Run "emerge --sync" as another user

Observed behaviour:

In case a non-root user (e.g. "foo") runs "emerge --sync", the files/directories are owned by "foo:portage" (thanks to the setgid flag), but only the owner "foo" has write permissions.

In case root runs "emerge --sync", the files/directories are owned by "portage:portage" (as emerge drops privileges to "portage" thanks to the "usersync" feature), but only the owner "portage" has write permissions.

In either case the second "emerge --sync" as another user fails, even if root runs "emerge --sync" the second time.

Expected behaviour:

Freshly synced files/directories should be writable by the "portage" group such that whoever runs "emerge --sync" next can do so.
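
An added example, not part of the bug report and not Portage code: it reproduces the umask effect described above in a temporary directory, lists the entries the group cannot write, and resets them to the modes named in the report (2775 for directories, 0664 for files). The function names and the `app-misc/foo.ebuild` path are constructed for illustration; `simulate_sync` is a stand-in for a sync that relies on the caller's umask.

```python
import os
import stat
import tempfile

DIR_MODE, FILE_MODE = 0o2775, 0o664  # modes named in the report

def entries(repo):
    """Yield (path, lstat) for everything below repo, skipping symlinks."""
    for root, dirs, files in os.walk(repo):
        for name in dirs + files:
            path = os.path.join(root, name)
            st = os.lstat(path)
            if not stat.S_ISLNK(st.st_mode):
                yield path, st

def simulate_sync(repo, umask=0o022):
    """Constructed stand-in for a sync that relies on the caller's umask."""
    old = os.umask(umask)
    try:
        pkg = os.path.join(repo, "app-misc")
        os.mkdir(pkg, 0o777)
        os.close(os.open(os.path.join(pkg, "foo.ebuild"),
                         os.O_WRONLY | os.O_CREAT, 0o666))
    finally:
        os.umask(old)  # umask is process-wide, so always restore it

def audit(repo):
    """Relative paths the group cannot write (directories also need group r-x)."""
    bad = []
    for path, st in entries(repo):
        need = 0o070 if stat.S_ISDIR(st.st_mode) else 0o060
        if st.st_mode & need != need:
            bad.append(os.path.relpath(path, repo))
    return sorted(bad)

def normalize(repo):
    """chmod entries to the report's modes; return how many were changed."""
    changed = 0
    for path, st in entries(repo):
        want = DIR_MODE if stat.S_ISDIR(st.st_mode) else FILE_MODE
        if stat.S_IMODE(st.st_mode) != want:
            os.chmod(path, want)
            changed += 1
    return changed

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as repo:
        simulate_sync(repo)
        print("not group-writable after sync:", audit(repo))
        print("entries fixed:", normalize(repo))
        print("not group-writable after fix:", audit(repo))
```

`os.chmod` only succeeds for the owner of an entry (or root), so a cleanup like `normalize` has to run as whichever user created the files, or as root.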