Package: libpam-modules Version: 1.1.8-3.1+deb8u1+b1 Severity: minor Dear Maintainer,
The description of 'man pam_umask' is completely wrong. It says the following: " The PAM module tries to get the umask value from the following places in the following order: · umask= argument · umask= entry in the user's GECOS field · UMASK= entry from /etc/default/login · UMASK entry from /etc/login.defs " It is not this order at all. I tested experimentally and the real order of checking is this: 1. umask= entry in the user's GECOS field 2. umask= argument (to pam_umask.so) 3. UMASK entry from /etc/login.defs 4. UMASK= entry from /etc/default/login such that GECOS has top priority and /etc/default/login is almost useless. I checked the pam_umask source code and it confirm my experiment: " /* Parse parameters for module [ this is umask= arg] */ for ( ; argc-- > 0; argv++) parse_option (pamh, *argv, options); if (options->umask == NULL) options->umask = search_key (LOGIN_DEFS); if (options->umask == NULL) options->umask = search_key (LOGIN_CONF); " [ and GECOS override all this later ] Thank you -- System Information: Debian Release: 8.4 APT prefers stable-updates APT policy: (990, 'stable-updates'), (990, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.4.8-grsec-custom (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpam-modules depends on: ii debconf [debconf-2.0] 1.5.56 ii libaudit1 1:2.4-1+b1 ii libc6 2.19-18+deb8u4 ii libdb5.3 5.3.28-9 ii libpam-modules-bin 1.1.8-3.1+deb8u1+b1 ii libpam0g 1.1.8-3.1+deb8u1+b1 ii libselinux1 2.3-2 libpam-modules recommends no packages. libpam-modules suggests no packages. -- debconf information excluded