Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Yogesh Sharma]

Thanks Simo and Jakub.

-Yogesh Sharma

(Sent from my HTC)
On 31-Aug-2015 5:10 pm, "Jakub Hrozek"  wrote:

> On Tue, Aug 25, 2015 at 09:42:44AM -0400, Simo Sorce wrote:
> > On Tue, 2015-08-25 at 15:30 +0530, Yogesh Sharma wrote:
> > > Hi Simo,
> > >
> > > We are using"session optional  *pam_oddjob_mkhomedir*.so
> > > umask=0077"
> > >
> > > and included in
> > > password-auth-ac and password-auth
> >
> > I guess you should read the pam_oddjob_mkhomedir manpage which will tell
> > you that the way you are specifying the umask is incorrect :-)
> > Hint: see oddjob-mkhomedir.conf
> >
> > HTH,
> > Simo.
>
> Also please note:
> https://bugzilla.redhat.com/show_bug.cgi?id=995097
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Jakub Hrozek]

On Tue, Aug 25, 2015 at 09:42:44AM -0400, Simo Sorce wrote:
> On Tue, 2015-08-25 at 15:30 +0530, Yogesh Sharma wrote:
> > Hi Simo,
> > 
> > We are using"session optional  *pam_oddjob_mkhomedir*.so
> > umask=0077"
> > 
> > and included in
> > password-auth-ac and password-auth
> 
> I guess you should read the pam_oddjob_mkhomedir manpage which will tell
> you that the way you are specifying the umask is incorrect :-)
> Hint: see oddjob-mkhomedir.conf
> 
> HTH,
> Simo.

Also please note:
https://bugzilla.redhat.com/show_bug.cgi?id=995097

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Simo Sorce]

On Tue, 2015-08-25 at 15:30 +0530, Yogesh Sharma wrote:
> Hi Simo,
> 
> We are using"session optional  *pam_oddjob_mkhomedir*.so
> umask=0077"
> 
> and included in
> password-auth-ac and password-auth

I guess you should read the pam_oddjob_mkhomedir manpage which will tell
you that the way you are specifying the umask is incorrect :-)
Hint: see oddjob-mkhomedir.conf

HTH,
Simo.


-- 
Simo Sorce * Red Hat, Inc * New York

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Yogesh Sharma]

Hi Simo,

We are using"session optional  *pam_oddjob_mkhomedir*.so
umask=0077"

*Best Regards,*

*__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
 *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

   



On Mon, Aug 24, 2015 at 12:21 AM, Simo Sorce  wrote:

> On Sun, 2015-08-23 at 12:06 +0530, Yogesh Sharma wrote:
> > Typo: Umask set is 0077, then the permission should be 700, though we are
> > getting 755.
>
> Where are you setting this mask ?
> And what pam helper do you use to create the home dirs ?
> pam_mkhomedir ? ot pam_oddjob_mkhomedir ?
>
> Simo.
>
> > *Best Regards,*
> >
> > *__*
> >
> > *Yogesh Sharma*
> > *Email: yks0...@gmail.com  | Web: www.initd.in
> >  *
> >
> > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> >
> >    
> > 
> > 
> >
> > On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma 
> wrote:
> >
> > > Hi,
> > >
> > > FreeIPA users are getting their home directory with default permission
> of
> > > 755 instead of 700.
> > >
> > > I have checked the pam.d configuration and the umask set there for
> > > mkhomedir.so is 0700, however home dir permission are not according to
> this.
> > >
> > > Is there somewhere else we need to add the umask to make it 700. Please
> > > suggest.
> > >
> > > *Best Regards,*
> > >
> > > *__*
> > >
> > > *Yogesh Sharma*
> > > *Email: yks0...@gmail.com  | Web: www.initd.in
> > >  *
> > >
> > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> > >
> > >    
> > > 
> > > 
> > >
>
>
> --
> Simo Sorce * Red Hat, Inc * New York
>
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Yogesh Sharma]

Hi Simo,

We are using"session optional  *pam_oddjob_mkhomedir*.so
umask=0077"

and included in
password-auth-ac and password-auth

*Best Regards,*

*__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
 *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

   



On Tue, Aug 25, 2015 at 3:29 PM, Yogesh Sharma  wrote:

> Hi Simo,
>
> We are using"session optional  *pam_oddjob_mkhomedir*.so
> umask=0077"
>
> *Best Regards,*
>
> *__*
>
> *Yogesh Sharma*
> *Email: yks0...@gmail.com  | Web: www.initd.in
>  *
>
> *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
>
>    
> 
> 
>
> On Mon, Aug 24, 2015 at 12:21 AM, Simo Sorce  wrote:
>
>> On Sun, 2015-08-23 at 12:06 +0530, Yogesh Sharma wrote:
>> > Typo: Umask set is 0077, then the permission should be 700, though we
>> are
>> > getting 755.
>>
>> Where are you setting this mask ?
>> And what pam helper do you use to create the home dirs ?
>> pam_mkhomedir ? ot pam_oddjob_mkhomedir ?
>>
>> Simo.
>>
>> > *Best Regards,*
>> >
>> > *__*
>> >
>> > *Yogesh Sharma*
>> > *Email: yks0...@gmail.com  | Web: www.initd.in
>> >  *
>> >
>> > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
>> >
>> >    
>> > 
>> > 
>> >
>> > On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma 
>> wrote:
>> >
>> > > Hi,
>> > >
>> > > FreeIPA users are getting their home directory with default
>> permission of
>> > > 755 instead of 700.
>> > >
>> > > I have checked the pam.d configuration and the umask set there for
>> > > mkhomedir.so is 0700, however home dir permission are not according
>> to this.
>> > >
>> > > Is there somewhere else we need to add the umask to make it 700.
>> Please
>> > > suggest.
>> > >
>> > > *Best Regards,*
>> > >
>> > > *__*
>> > >
>> > > *Yogesh Sharma*
>> > > *Email: yks0...@gmail.com  | Web: www.initd.in
>> > >  *
>> > >
>> > > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
>> > >
>> > >    
>> > > 
>> > > 
>> > >
>>
>>
>> --
>> Simo Sorce * Red Hat, Inc * New York
>>
>>
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Simo Sorce]

On Sun, 2015-08-23 at 12:06 +0530, Yogesh Sharma wrote:
> Typo: Umask set is 0077, then the permission should be 700, though we are
> getting 755.

Where are you setting this mask ?
And what pam helper do you use to create the home dirs ?
pam_mkhomedir ? ot pam_oddjob_mkhomedir ?

Simo.

> *Best Regards,*
> 
> *__*
> 
> *Yogesh Sharma*
> *Email: yks0...@gmail.com  | Web: www.initd.in
>  *
> 
> *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> 
>    
> 
> 
> 
> On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma  wrote:
> 
> > Hi,
> >
> > FreeIPA users are getting their home directory with default permission of
> > 755 instead of 700.
> >
> > I have checked the pam.d configuration and the umask set there for
> > mkhomedir.so is 0700, however home dir permission are not according to this.
> >
> > Is there somewhere else we need to add the umask to make it 700. Please
> > suggest.
> >
> > *Best Regards,*
> >
> > *__*
> >
> > *Yogesh Sharma*
> > *Email: yks0...@gmail.com  | Web: www.initd.in
> >  *
> >
> > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
> >
> >    
> > 
> > 
> >


-- 
Simo Sorce * Red Hat, Inc * New York

-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Re: [Freeipa-users] FreeIPA user Home Directory Permission Issue

[Yogesh Sharma]

Typo: Umask set is 0077, then the permission should be 700, though we are
getting 755.

*Best Regards,*

*__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
 *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

   



On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma  wrote:

> Hi,
>
> FreeIPA users are getting their home directory with default permission of
> 755 instead of 700.
>
> I have checked the pam.d configuration and the umask set there for
> mkhomedir.so is 0700, however home dir permission are not according to this.
>
> Is there somewhere else we need to add the umask to make it 700. Please
> suggest.
>
> *Best Regards,*
>
> *__*
>
> *Yogesh Sharma*
> *Email: yks0...@gmail.com  | Web: www.initd.in
>  *
>
> *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*
>
>    
> 
> 
>
-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

[Freeipa-users] FreeIPA user Home Directory Permission Issue

[Yogesh Sharma]

Hi,

FreeIPA users are getting their home directory with default permission of
755 instead of 700.

I have checked the pam.d configuration and the umask set there for
mkhomedir.so is 0700, however home dir permission are not according to this.

Is there somewhere else we need to add the umask to make it 700. Please
suggest.

*Best Regards,*

*__*

*Yogesh Sharma*
*Email: yks0...@gmail.com  | Web: www.initd.in
 *

*RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*

   


-- 
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project