The comments in /etc/login.defs really need to be updated. Here is an updated version of the section on login configuration initialisation:
--8<----- cut here ---------- # # Login configuration initializations: # # ERASECHAR Terminal ERASE character ('\010' = backspace). # KILLCHAR Terminal KILL character ('\025' = CTRL/U). # UMASK Default "umask" value. # # The ERASECHAR and KILLCHAR are used only on System V machines. # Prefix these values with "0" to get octal, "0x" to get hexadecimal. # ERASECHAR 0177 KILLCHAR 025 # # On PAM-enabled systems pam_umask uses UMASK as a global default. # (Global and per user overrides are possible, see man pam_umask.) # Therefore setting the umask in shell rc files (i.e. /etc/profile and # others) is discouraged in favour of the pam_umask mechanism. # # On non-PAM systems setting the umask in shell rc files, in addition # to the UMASK setting here, can catches some more classes of user # entries to system. (Logins through su, cron, ssh etc.) # At the same time, using shell rc to set umask won't catch entries which use # non-shell executables in place of login shell, like /usr/sbin/pppd for "ppp" # user and alike. # For discussion, see #314539 and #248150 as well as the thread starting at # http://lists.debian.org/debian-devel/2005/06/msg01598.html # # # UMASK 022 is the "historical" value in Debian, # 027 or even 077 could be considered better for privacy if the users # in their groups can not trust each other. There is no # One True Answer here: Each sysadmin must make up his/her mind. # # Note that with login's USERGROUPS_ENAB feature, or the usergroups # feature of pam_umask, if a user has a user private group # the user's group permission umask byte is adjusted to match # the user permission byte. # This enables flawless collaboration of users in group directories UMASK 022 --8<--------------- ** Changed in: shadow (Ubuntu) Status: Invalid => Confirmed -- /etc/login.defs umask cleanup https://bugs.launchpad.net/bugs/71295 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs