Solved

PAM and UMASK

Posted on 2009-06-30
8
697 Views
Last Modified: 2013-12-16
Dear Experts,

I am trying to set umask globally by editing

/etc/pam.d/common-session

and adding the line

session optional pam_umask.so umask-077

after restarting, if i create a file, its permissions are

-rw-r--r--

they should be -rwx------

why is this happening?
0
Comment
Question by:narmi2
  • 5
  • 3
8 Comments
 
LVL 7

Expert Comment

by:martin_2110
ID: 24748638
Maybe 0077?
session optional pam_umask.so umask=0077

have you tried putting it in /etc/pam.d/login instead also.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748683
I thought if I use pam to set umask, I will only have to set it in one place.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748928
OK, I got it working, but because my user folder was created before umask was set, everyone can still view the contents.  While everyone else has files and folders set to umask 077.  How do I change the permissions of my home files and folders?
0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24749051
Sorry nevermind /etc/pam.d/common-session is the correct place to put it.

I found a small how to.
http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask

==SNIP==
This will set the default umask globally, whether you log in through a shell (telnet, ssh, ...) or some other means. However don't forget to remove the umask lines from all the other places (login.defs and the various shell config files)!
==SNIP==

Maybe you need to remove or comment out the lines in /etc/login.defs. /etc/profile ~./profile
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 7

Accepted Solution

by:
martin_2110 earned 500 total points
ID: 24749062
chmod go-rwx /home/users
0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24749068
that will remove perms on your home dir so that only your account can access it.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24749313
Is chmod go-rwx /home/user/ recursive?

0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24750662
no but i was not sure if you wanted to wipe out all your perms on the directories. chmod -R go-rwx /home/user is recursive.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now