[Bug 666668] New: /etc/login.defs contains misleading information about umask
https://bugzilla.novell.com/show_bug.cgi?id=666668 https://bugzilla.novell.com/show_bug.cgi?id=666668#c0 Summary: /etc/login.defs contains misleading information about umask Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: i586 OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: iceman@fastmail.com.au QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.2.13) Gecko/20101203 SUSE/3.6.13-0.2.1 Firefox/3.6.13 /etc/login.defs appears to be the 'one true' location to set what value umask should have by default as users login. The comment reads: "The UMASK value for useradd can be found in /etc/default/useradd, # this variable here is deprecated and currently only used as fallback # by pam_umask.so" While the bit about the useradd umask setting (which is a separate setting to the login umask setting) is true the bit about the login.defs UMASK setting being deprecated appears to be false. I've tested setting this value and it changes the default umask for all users who login. Further evidence: - the umask setting in /etc/profile is commented out (as it should be) with the comment: "The global umask value is stored in /etc/login.defs and will be set by pam_umask.so (see "man pam_umask")" - The same bug has been reported for Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/253096 https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/487729 Reproducible: Always Steps to Reproduce: 1.Open /etc/login.defs 2. 3. Actual Results: The comment says the UMASK value is deprecated Expected Results: The comment should say that the UMASK value "is used by the PAM system as the system-wide default setting for all users who login. The permissions on the home directories of new users can be set using the useradd umask value in /etc/defaults/useradd" (or something to that effect). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666668
https://bugzilla.novell.com/show_bug.cgi?id=666668#c
wei wang
https://bugzilla.novell.com/show_bug.cgi?id=666668
https://bugzilla.novell.com/show_bug.cgi?id=666668#c1
Thorsten Kukuk
https://bugzilla.novell.com/show_bug.cgi?id=666668
https://bugzilla.novell.com/show_bug.cgi?id=666668#c2
--- Comment #2 from Tim Edwards
https://bugzilla.novell.com/show_bug.cgi?id=666668
https://bugzilla.novell.com/show_bug.cgi?id=666668#c3
--- Comment #3 from Thorsten Kukuk
Is this correct?
No really, you should modify the already existing entry in /etc/pam.d/common-session In your example, only people trying to login on the console get the umask value, but not people using xdm, kdm, gdm, ... Best way to do so is to use pam-config: pam-config -a --umask --umask-umask=0022 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=666668
https://bugzilla.novell.com/show_bug.cgi?id=666668#c4
--- Comment #4 from Tim Edwards
participants (1)
-
bugzilla_noreply@novell.com