Comment # 9 on bug 1217414 from Charles Wight

I am going to GUESS that yast is modifying "/etc/login.defs", which is part of
pam.

I played with this some time back and could not find a way to exclude root.

See the pam_umask man page:

The PAM module tries to get the umask value from the following places in the
following order:

       •   umask= entry in the user's GECOS field

       •   umask= argument

       •   UMASK= entry from /etc/login.defs

       •   UMASK= entry from /etc/default/login

The GECOS field is split on comma ',' characters. The module also in addition
to the umask= entry recognizes pri= entry, which sets the nice priority
value for the session, and ulimit= entry, which sets the maximum size of files
the processes in the session can create.