Sam Geeraerts <sam...@elmundolibre.be> writes: > The default umask on a Squeeze system is 0022. However, when I > connect via ssh to lsh-server on my Squeeze system the umask > in the session is 0000. It would make more sense to also have > 0022 there.
I think traditionally, setting up the default umask was a job for the login shell, typicallly configured in /etc/profile. >From a quick look, it seems umask is no longer set up i /etc/profile, but by some PAM module, configured via /etc/login.defs. Not sure exactly where, though. The documentation says its "pam_umask", but no such module is mentioned in any file under /etc/pam.d/*, as far as I can see. And now enter lshd, which is *not* PAMified. I'm not sure what the status of PAM is in debian. Does policy say that all login-like services must use PAM, and if you don't use PAM, you're on your own? Or is there some recommended way for non-PAM-services to get this right on Debian? One possible workaround might be to add a script to /etc/profile.d which does something like while read key value rest_of_line ; do if [ "$key" = "UMASK" ] ; then umask "$value" fi done << EOF `cat /etc/login.defs` EOF Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org