** Summary changed:
- pam_umask.so missing in common-session
+ pam_umask.so missing in common-account
--
pam_umask.so missing in common-account
https://bugs.launchpad.net/bugs/253096
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
** Description changed:
+ The pam_umask.so module determines the umask (from system and user
+ config files) and sets it for users accordingly.
- pam_umask.so determines the umask (from system and user config files (see man
page)) and sets it accordingly.
+ The umask itself should not be set
** Description changed:
The pam_umask.so module determines the umask (from system and user
config files) and sets it for users accordingly.
+ from /etc/login.defs:
+ # the use of pam_umask is recommended as the solution which
+ # catches all these cases on PAM-enabled systems.
+
The
forget comment #7
Properly fixing this issue of no central, consistent and tunable umask
setting in debian and ubuntu systems is now only a matter of adding the
line session optional pam_umask.so usergroups to /etc/pam.d/common-
account.
Thanks to pam_umask and its inclusion, and the all the
No, session modules don't get called from /etc/pam.d/common-account.
That would need to go in /etc/pam.d/common-session{,-noninteractive}.
(I have not otherwise reviewed the proposed patch for suitability.)
--
pam_umask.so missing in common-account
https://bugs.launchpad.net/bugs/253096
You
Forgot to mention the reason I changed it to common-account is that
/etc/pam.d/sudo does not include common-session. This might be OK if
sudo is not considered to open a session. But having a different umask
using sudo would again not be expected and lead to wrong permissions
etc.
Maybe it is