?
Solved

PAM and UMASK

Posted on 2009-06-30
8
Medium Priority
?
735 Views
Last Modified: 2013-12-16
Dear Experts,

I am trying to set umask globally by editing

/etc/pam.d/common-session

and adding the line

session optional pam_umask.so umask-077

after restarting, if i create a file, its permissions are

-rw-r--r--

they should be -rwx------

why is this happening?
0
Comment
Question by:narmi2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 7

Expert Comment

by:martin_2110
ID: 24748638
Maybe 0077?
session optional pam_umask.so umask=0077

have you tried putting it in /etc/pam.d/login instead also.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748683
I thought if I use pam to set umask, I will only have to set it in one place.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748928
OK, I got it working, but because my user folder was created before umask was set, everyone can still view the contents.  While everyone else has files and folders set to umask 077.  How do I change the permissions of my home files and folders?
0
More Than Just A Video Library

Train for your certification. Learn the latest DevOps tools. Grow your skillset to do better work.

At Linux Academy, we release new training modules every week so you'll always be up to date on the latest tech.

 
LVL 7

Expert Comment

by:martin_2110
ID: 24749051
Sorry nevermind /etc/pam.d/common-session is the correct place to put it.

I found a small how to.
http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask

==SNIP==
This will set the default umask globally, whether you log in through a shell (telnet, ssh, ...) or some other means. However don't forget to remove the umask lines from all the other places (login.defs and the various shell config files)!
==SNIP==

Maybe you need to remove or comment out the lines in /etc/login.defs. /etc/profile ~./profile
0
 
LVL 7

Accepted Solution

by:
martin_2110 earned 2000 total points
ID: 24749062
chmod go-rwx /home/users
0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24749068
that will remove perms on your home dir so that only your account can access it.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24749313
Is chmod go-rwx /home/user/ recursive?

0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24750662
no but i was not sure if you wanted to wipe out all your perms on the directories. chmod -R go-rwx /home/user is recursive.
0

Featured Post

Setting up LaraDock for Laravel

Learn how to set up LaraDock in a Laravel project - LaraDock gives us an easy way to run a Laravel application using Docker in a single command.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

1. Introduction As many people are interested in Linux but not as many are interested or knowledgeable (enough) to install Linux on their system, here is a safe way to try out Linux on your existing (Windows) system. The idea is that you insta…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question