Unmask Problems - Hoary 5.01
Michael R. Head
burner at suppressingfire.org
Mon Jan 2 20:05:01 UTC 2006
OK, I just saw this in login.defs:
# UMASK usage is discouraged because it catches only some classes of user
# entries to system, in fact only those made through login(1), while setting
# umask in shell rc file will catch also logins through su, cron, ssh etc.
# At the same time, using shell rc to set umask won't catch entries which use
# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
# user and alike.
# Therefore the use of pam_umask is recommended (Debian package libpam-umask)
# as the solution which catches all these cases on PAM-enabled systems.
I guess you want http://packages.ubuntu.com/breezy/admin/libpam-umask
And then you want to edit whichever files in /etc/pam.d/ (perhaps
'common-session') that you want to have umask set. Here's what the line
should look like:
session optional pam_umask.so umask=002
On Mon, 2006-01-02 at 13:40 -0600, Bobby Sanders wrote:
> On Mon, 2006-01-02 at 14:14 -0500, Michael R. Head wrote:
> > On Mon, 2006-01-02 at 12:53 -0600, Bobby Sanders wrote:
> > > I want my default unmask to be 002 for all the users on my small office
> > > system. I have tried changing it in /etc/login.defs, i.e I changed the
> > > line;
> > >
> > > UNMASK 022
> > >
> > > to
> > >
> > > UNMASK 002
> > >
> > > rebooted, created a new file and the permissions were still -rw-r--r--
> > >
> > > What am I missing? I know this has worked on other *nixs in the
> > > past! :(
> > Well, first of all, that should be UMASK, not UNMASK, second of all,
> Thanks for pointing out my mispulling. :)
> > that line is by default commented out, so maybe you have to uncomment
> > it.
> >From my /etc/login.defs file:
> # Prefix these values with "0" to get octal, "0x" to get hexadecimal.
> ERASECHAR 0177
> KILLCHAR 025
> UMASK 022
> #ULIMIT 2097152
> # Password aging controls:
> When I change the 022 to 002. Nothing happens.
> > Third of all, double check that you aren't setting a umask in
> > your .bash_profile or .bashrc or /etc/bash.bashrc.
> Just checked them again. No mention of umask there except
> for .bashrc_profile, which is commented out. I tried uncommenting it
> and changing the 022 to 002. Still no luck. Perhaps I made a typo.
> I'll try it again.
Michael R. Head <burner at suppressingfire.org>
GPG: http://www.suppressingfire.org/~burner/gpg.key.txt [0x4C9DA1D0]
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 189 bytes
Desc: This is a digitally signed message part
More information about the ubuntu-users