The comments in /etc/login.defs really need to be updated.
Here is an updated version of the section on login configuration
initialisation:
--8<----- cut here ----------
#
# Login configuration initializations:
#
# ERASECHAR Terminal ERASE character ('\010' = backspace).
# KILLCHAR Terminal KILL character ('\025' = CTRL/U).
# UMASK Default "umask" value.
#
# The ERASECHAR and KILLCHAR are used only on System V machines.
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
#
# On PAM-enabled systems pam_umask uses UMASK as a global default.
# (Global and per user overrides are possible, see man pam_umask.)
# Therefore setting the umask in shell rc files (i.e. /etc/profile and
# others) is discouraged in favour of the pam_umask mechanism.
#
# On non-PAM systems setting the umask in shell rc files, in addition
# to the UMASK setting here, can catches some more classes of user
# entries to system. (Logins through su, cron, ssh etc.)
# At the same time, using shell rc to set umask won't catch entries which use
# non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp"
# user and alike.
# For discussion, see #314539 and #248150 as well as the thread starting at
# http://lists.debian.org/debian-devel/2005/06/msg01598.html
#
#
# UMASK 022 is the "historical" value in Debian,
# 027 or even 077 could be considered better for privacy if the users
# in their groups can not trust each other. There is no
# One True Answer here: Each sysadmin must make up his/her mind.
#
# Note that with login's USERGROUPS_ENAB feature, or the usergroups
# feature of pam_umask, if a user has a user private group
# the user's group permission umask byte is adjusted to match
# the user permission byte.
# This enables flawless collaboration of users in group directories
UMASK 022
--8<---------------
** Changed in: shadow (Ubuntu)
Status: Invalid => Confirmed
--
/etc/login.defs umask cleanup
https://bugs.launchpad.net/bugs/71295
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
