Re: libpam_umask setup

On Apr 30, 12:30 pm, NN_il_Confusionario <pinkof.pal...@xxxxxxxxxxxxx>
wrote:
* From: Bug <recvf...@xxxxxxxxx>
But when I login in, I still get umask 022. What step am I missing?

I do not use pam_umask , but:

(1) /usr/share/doc/libpam-umask/README says:

If a user has a .pam_umask
in his home directory, the contents will be used to set the umask.

(2) Linkname: pam_umask(8) - Linux man page
URL:http://linux.die.net/man/8/pam_umask
says

The PAM module tries to get the umask value from the following places in the following
order:
* umask= argument
* umask= entry of the users GECOS field
* pri= entry of the users GECOS field
* ulimit= entry of the users GECOS field
* UMASK= entry from /etc/default/login
* UMASK entry from /etc/login.defs

It also speaks about a debug option.

Looking at the sources (apt-get source libpam-umask), I dubt that the
man page applies to the debian version of libpam-umask, but a look at
the above files (/etc/passwd) might be worthy.

Yes, the source doesn't indicate anything like that. It tried
~/.pam_umask
and then the "system" umask, passed as a argument in the form
umask=[N]NNN.

I find this package a bit maddening. It mixes hyphens and underscores
in names,
paths, etc. Although I have to admit, I've never seen a Debian
package name with
an underscore in the name, so if that's the constraint, it can cause
confusion.

The documentation is lacking some detail too, e.g. only by looking at
the source
would you know that the ~/.pam_umask file should only contain [N]NNN,
and not
umask=[N]NNN, or some other form. Where does one make suggestions
for
improvement? To the package maintainer?

(3) perhaps a

# strace -f -o /tmp/login.strace.log login -f user

might help

Those were all good suggestions, but when I tried the last one and
found the
umask set as I expected, I went hunting. I was logging in via ssh
using public
key authentication, and UsePAM was set to 'no' in my /etc/ssh/
sshd_config
file. My fault entirely! Now fixed and working properly. But
perhaps the
lively discussion found at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314539
deserved another caveat.

Thanks for the pointers -- you saved the day!!!

-r


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

Relevant Pages

  • Re: libpam_umask setup
    ... I still get umask 022. ... umask= entry of the users GECOS field ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: umask in X different to bash
    ... Rich wrote: ... > did you ever find out how to control UMASK for X? ... I struggled with the umask about a month ago with KDE. ... With this package, you can control the default umask which is set after ...
    (Debian-User)
  • Re: Mounting Vfat file system and umask
    ... > adding an entry in fstab. ... > system as a user and I suspect it is because of an incorrect umask. ... I'm able to write to that windows drive with that entry in my /etc/fstab. ...
    (comp.os.linux)
  • Re: Mounting Vfat file system and umask
    ... > adding an entry in fstab. ... > system as a user and I suspect it is because of an incorrect umask. ... I'm able to write to that windows drive with that entry in my /etc/fstab. ...
    (alt.os.linux)
  • Re: Mounting Vfat file system and umask
    ... >>I have a Vfat file system which I am able to successfully mount by ... >>adding an entry in fstab. ... >>system as a user and I suspect it is because of an incorrect umask. ...
    (alt.os.linux)