Unmask Problems - Hoary 5.01

Bobby Sanders ssanders at ssvzc.com
Tue Jan 3 01:33:38 UTC 2006


I thought I had already mailed this reply.  Sorry.

On Mon, 2006-01-02 at 15:05 -0500, Michael R. Head wrote:
> OK, I just saw this in login.defs:
> 
> # UMASK usage is discouraged because it catches only some classes of user
> # entries to system, in fact only those made through login(1), while setting
> # umask in shell rc file will catch also logins through su, cron, ssh etc.
> #
> # At the same time, using shell rc to set umask won't catch entries which use
> # non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
> # user and alike.
> #
> # Therefore the use of pam_umask is recommended (Debian package libpam-umask)
> # as the solution which catches all these cases on PAM-enabled systems.

This paragraph wasn't in my login.defs, ethier, but it certainly worth
checking out which I will have to wait until later to do.

Thanks

Bobby


> 
> I guess you want http://packages.ubuntu.com/breezy/admin/libpam-umask
> 
> And then you want to edit whichever files in /etc/pam.d/ (perhaps
> 'common-session') that you want to have umask set. Here's what the line
> should look like:
> 
> session    optional     pam_umask.so umask=002
> 
> 
> On Mon, 2006-01-02 at 13:40 -0600, Bobby Sanders wrote:
> > On Mon, 2006-01-02 at 14:14 -0500, Michael R. Head wrote:
> > > On Mon, 2006-01-02 at 12:53 -0600, Bobby Sanders wrote:
> > > > I want my default unmask to be 002 for all the users on my small office
> > > > system.  I have tried changing it in /etc/login.defs, i.e I changed the
> > > > line;
> > > > 
> > > > UNMASK	022
> > > > 
> > > > to
> > > > 
> > > > UNMASK	002
> > > > 
> > > > rebooted, created a new file and the permissions were still -rw-r--r--
> > > > 
> > > > What am I missing?  I know this has worked on other *nixs in the
> > > > past!  :(
> > > 
> > > Well, first of all, that should be UMASK, not UNMASK, second of all,
> > 
> > Thanks for pointing out my mispulling. :)
> > 
> > > that line is by default commented out, so maybe you have to uncomment
> > > it.
> > 
> > >From my /etc/login.defs file:
> > 
> > "...
> > # Prefix these values with "0" to get octal, "0x" to get hexadecimal.
> > #
> > ERASECHAR       0177
> > KILLCHAR        025
> > UMASK           022
> > #ULIMIT         2097152
> > 
> > #
> > # Password aging controls:
> > ..."
> > 
> > When I change the 022 to 002.  Nothing happens.
> > 
> > >  Third of all, double check that you aren't setting a umask in
> > > your .bash_profile or .bashrc or /etc/bash.bashrc.
> > 
> > Just checked them again.  No mention of umask there except
> > for .bashrc_profile, which is commented out.  I tried uncommenting it
> > and changing the 022 to 002.  Still no luck.  Perhaps I made a typo.
> > I'll try it again.
> > 
> > Thanks,
> > 
> > Bobby
> > 
> > 




More information about the ubuntu-users mailing list