Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

PAM and UMASK

Posted on 2009-06-30
8
710 Views
Last Modified: 2013-12-16
Dear Experts,

I am trying to set umask globally by editing

/etc/pam.d/common-session

and adding the line

session optional pam_umask.so umask-077

after restarting, if i create a file, its permissions are

-rw-r--r--

they should be -rwx------

why is this happening?
0
Comment
Question by:narmi2
  • 5
  • 3
8 Comments
 
LVL 7

Expert Comment

by:martin_2110
ID: 24748638
Maybe 0077?
session optional pam_umask.so umask=0077

have you tried putting it in /etc/pam.d/login instead also.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748683
I thought if I use pam to set umask, I will only have to set it in one place.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24748928
OK, I got it working, but because my user folder was created before umask was set, everyone can still view the contents.  While everyone else has files and folders set to umask 077.  How do I change the permissions of my home files and folders?
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 7

Expert Comment

by:martin_2110
ID: 24749051
Sorry nevermind /etc/pam.d/common-session is the correct place to put it.

I found a small how to.
http://muzso.hu/2008/01/22/default-permissions-with-libpam-umask

==SNIP==
This will set the default umask globally, whether you log in through a shell (telnet, ssh, ...) or some other means. However don't forget to remove the umask lines from all the other places (login.defs and the various shell config files)!
==SNIP==

Maybe you need to remove or comment out the lines in /etc/login.defs. /etc/profile ~./profile
0
 
LVL 7

Accepted Solution

by:
martin_2110 earned 500 total points
ID: 24749062
chmod go-rwx /home/users
0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24749068
that will remove perms on your home dir so that only your account can access it.
0
 
LVL 1

Author Comment

by:narmi2
ID: 24749313
Is chmod go-rwx /home/user/ recursive?

0
 
LVL 7

Expert Comment

by:martin_2110
ID: 24750662
no but i was not sure if you wanted to wipe out all your perms on the directories. chmod -R go-rwx /home/user is recursive.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it. If you've already tried to change it you've probably discovered that none of the old met…
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question