[opensuse] Default umask for new users, where?
Hi list, - this is a short one... - when I create a new user, the home-dir for that user is created with a umask of 022. I wish to use, say, 077. Where do I set that, so when creating yet another new user, his home-dir will have rwx --- --- (0700)?? -- (SuSE10.2, plain vanilla) ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Gaël Lams wrote:
- when I create a new user, the home-dir for that user is created with a umask of 022. I wish to use, say, 077. Where do I set that, so when creating yet another new user, his home-dir will have rwx --- --- (0700)??
in /etc/profile.local: umask 077
Or even better, Yast, Security and Users, Expert Options, Default for New User, Umask for Home Directory -- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Tirsdag 13 marts 2007 10:38 skrev Joe Morris (NTM):
Gaël Lams wrote:
- when I create a new user, the home-dir for that user is created with a umask of 022. I wish to use, say, 077. Where do I set that, so when creating yet another new user, his home-dir will have rwx --- --- (0700)??
in /etc/profile.local: umask 077
Or even better, Yast, Security and Users, Expert Options, Default for New User, Umask for Home Directory
-- Joe Morris Registered Linux user 231871 running openSUSE 10.2 x86_64
Thank you to all. Yes, your answers concur with what I thought. Only, it only works for users local to the machine, i.e. they exist in /etc/passwd and so forth. For users being authenticated - and hence auto created - by means of winbind and AD, it doesn't work. It's got to be somewhere else, perhaps on the AD machine (sigh..). Well, I still learned from this, I didn't know about the YaST thing... Thanks again! -- ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Hi,
Yes, your answers concur with what I thought. Only, it only works for users local to the machine, i.e. they exist in /etc/passwd and so forth. For users being authenticated - and hence auto created - by means of winbind and AD, it doesn't work. It's got to be somewhere else, perhaps on the AD machine (sigh..).
You probably should have say that it was not for local users ;-) I don't use AD to authenticate my users and I never have had to configure winbind but I immagine that winbind's configuration uses pam, which is what I use with my ldap back-end. Probably all you have to do is to modify /etc/pam.d/common-session so that when ldap/AD users login the home directory is created with the right umask (see below). Regards, Gaël lams@aruana:~> less /etc/pam.d/common-session # # /etc/pam.d/common-session - session-related modules common to all services session required pam_limits.so session required pam_unix2.so session required pam_mkhomedir.so skel=/etc/skel/ umask=077
Tirsdag 13 marts 2007 13:32 skrev Gaël Lams:
Hi,
Yes, your answers concur with what I thought. Only, it only works for users local to the machine, i.e. they exist in /etc/passwd and so forth. For users being authenticated - and hence auto created - by means of winbind and AD, it doesn't work. It's got to be somewhere else, perhaps on the AD machine (sigh..).
You probably should have say that it was not for local users ;-)
I don't use AD to authenticate my users and I never have had to configure winbind but I immagine that winbind's configuration uses pam, which is what I use with my ldap back-end. Probably all you have to do is to modify /etc/pam.d/common-session so that when ldap/AD users login the home directory is created with the right umask (see below).
Regards,
Gaël lams@aruana:~> less /etc/pam.d/common-session # # /etc/pam.d/common-session - session-related modules common to all services
session required pam_limits.so session required pam_unix2.so session required pam_mkhomedir.so skel=/etc/skel/ umask=077
Hi Gaël and list, - sorry for not mentioning it. I didn't realize, until later, that it's two very different things. Your advice looks really good, I shall try it out. Thanks a lot! -- ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Tirsdag 13 marts 2007 13:57 skrev Verner Kjærsgaard:
Tirsdag 13 marts 2007 13:32 skrev Gaël Lams:
Hi,
[..]
session required pam_limits.so session required pam_unix2.so session required pam_mkhomedir.so skel=/etc/skel/ umask=077
Hi Gaël and list,
- sorry for not mentioning it. I didn't realize, until later, that it's two very different things. Your advice looks really good, I shall try it out. Thanks a lot!
-- ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard
Yep, that's it. Works just fine! Only the /etc/common-session file contains a warning that states it is autogenerated from pam-config and thus will be overwritten (eventually). Well that's another matter I shall have to dig into. Again thanks a lot! -- ------------------------------------------------------------------------- Med venlig hilsen/Best regards Verner Kjærsgaard -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Gaël Lams
-
Joe Morris (NTM)
-
Verner Kjærsgaard