Hi Simo, We are using "session optional *pam_oddjob_mkhomedir*.so umask=0077"
*Best Regards,* *__________________________________________* *Yogesh Sharma* *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in <http://www.initd.in/> * *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> <https://twitter.com/checkwithyogesh> <http://google.com/+YogeshSharmaOnGooglePlus> On Mon, Aug 24, 2015 at 12:21 AM, Simo Sorce <s...@redhat.com> wrote: > On Sun, 2015-08-23 at 12:06 +0530, Yogesh Sharma wrote: > > Typo: Umask set is 0077, then the permission should be 700, though we are > > getting 755. > > Where are you setting this mask ? > And what pam helper do you use to create the home dirs ? > pam_mkhomedir ? ot pam_oddjob_mkhomedir ? > > Simo. > > > *Best Regards,* > > > > *__________________________________________* > > > > *Yogesh Sharma* > > *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in > > <http://www.initd.in/> * > > > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* > > > > <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> > > <https://twitter.com/checkwithyogesh> > > <http://google.com/+YogeshSharmaOnGooglePlus> > > > > On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma <yks0...@gmail.com> > wrote: > > > > > Hi, > > > > > > FreeIPA users are getting their home directory with default permission > of > > > 755 instead of 700. > > > > > > I have checked the pam.d configuration and the umask set there for > > > mkhomedir.so is 0700, however home dir permission are not according to > this. > > > > > > Is there somewhere else we need to add the umask to make it 700. Please > > > suggest. > > > > > > *Best Regards,* > > > > > > *__________________________________________* > > > > > > *Yogesh Sharma* > > > *Email: yks0...@gmail.com <yks0...@gmail.com> | Web: www.initd.in > > > <http://www.initd.in/> * > > > > > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified* > > > > > > <https://www.fb.com/yks0000> <http://in.linkedin.com/in/yks0000> > > > <https://twitter.com/checkwithyogesh> > > > <http://google.com/+YogeshSharmaOnGooglePlus> > > > > > > -- > Simo Sorce * Red Hat, Inc * New York > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project