On Fri, 2005-06-17 at 00:33 +0200, Santiago Vila wrote: > On Fri, 17 Jun 2005, martin f krafft wrote: > > > If one is faced with the task to set the umask globally for all > > users and shells, this turns out to be a job of redundancy: every > > shell uses its own file in /etc, and you end up making changes to > > 5 files or more (depending on the number of installed shells). > > What's worse: change the umask and you'll possibly forget one shell > > or the other, which may cause delays in your user's work, or even > > break things (yeah, you should not rely on umask; yeah, don't tell > > me...) > > > > [ snipped gigantic hack ] > > > > So the plan is: > > > > 1. gather comments. > > 2. file a bug against base-files to have the files included. > > 3. once base-files hits unstable, mass-file bugs against all > > compatible shells and ask them to use it. > > 4. rejoice. > > > > So, let's start at (1)... > > This is Unix, and we are system integrators. Our job is to make things > simpler, not more complex. I wonder why people always consider > base-files as the package of choice to implement all sorts of ugly > global hacks. > > There is already an umask setting in /etc/login.defs. If it makes people > happy, I will happily drop the umask setting from /etc/profile, so > that people do not have to decide between login.defs and profile > when trying to set an umask globally. > > Then we could make policy (or just convince the shell maintainers) that > shells should not set umask in their default global initialization > scripts, so that they do not override the one in /etc/login.defs.
pam umask should be used ... though this was adde to debian without much integration. The setting in /etc/login.defs should be move to the end of this file (settings obsolete by pam) and all /etc/pam.d files upgraded. Do libpam-umask ought to be "base" ? And the setting removed from all shell/cron/X who knows specific configuration file. Thanks again Tollef for the great libpam-umask . I cannot wait for when some fellow manages to make a libpam-path (which deal with a separate path for root and users, maybe for su, ssh , cron too) ... it is time to get rid of /etc/login.defs and hacks to work around it (especially su, ssh and X login managers ). Tese kind of small extensions does more for us administrators to get a get a real life, children , etc than big g4c, yast ... :) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]