Solved

PAM and UMASK

Posted on 2009-06-30
8
704 Views
Last Modified: 2013-12-16
Dear Experts,

I am trying to set umask globally by editing

/etc/pam.d/common-session

and adding the line

session optional pam_umask.so umask-077

after restarting, if i create a file, its permissions are

-rw-r--r--

they should be -rwx------

why is this happening?
0
Comment
Question by:narmi2
  • 5
  • 3
8 Comments
 
LVL 7

Expert Comment

by:martin_2110
ID: 24748638
Maybe 0077?
session optional pam_umask.so umask=0077

have you tried putting it in /etc/pam.d/login instead also.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748683
I thought if I use pam to set umask, I will only have to set it in one place.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748928
OK, I got it working, but because my user folder was created before umask was set, everyone can still view the contents.  While everyone else has files and folders set to umask 077.  How do I change the permissions of my home files and folders?
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 
LVL 7

Expert Comment

by:martin_2110
ID: 24749051
Sorry nevermind /etc/pam.d/common-session is the correct place to put it.

I found a small how to.
http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask

==SNIP==
This will set the default umask globally, whether you log in through a shell (telnet, ssh, ...) or some other means. However don't forget to remove the umask lines from all the other places (login.defs and the various shell config files)!
==SNIP==

Maybe you need to remove or comment out the lines in /etc/login.defs. /etc/profile ~./profile
0
 
LVL 7

Accepted Solution

by:
martin_2110 earned 500 total points
ID: 24749062
chmod go-rwx /home/users
0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24749068
that will remove perms on your home dir so that only your account can access it.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24749313
Is chmod go-rwx /home/user/ recursive?

0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24750662
no but i was not sure if you wanted to wipe out all your perms on the directories. chmod -R go-rwx /home/user is recursive.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
mcrypt_create_iv() is deprecated 4 148
su - oracle could not open session 6 74
Red Hat 7 Linux on Azure cannot run a command as root 22 42
awk file 6 51
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question