Fajar Priyanto wrote:
Do you know where I can set the umask globally in Suse?
For all users: create /etc/profile.local with the umask command.
For a group of users: Place it in their ~/.profile.
However, I don't think setting up the umask globally would be "as safe as" in
RH, because Suse doesn't use the concept of UPG (user private group). So, if
I set the umask globally, then it means every user can access those files and
directory in the "test" directory.
Yes, that's right. This setting is only sensible if you don't use
"users" as the group for these accounts, but a specific (different)
group.
You mean ACL as in "extended ACL" from setfacl?
Yep. As an example, I use the following ACL setting on a SVN
repository directory to ensure that www-data has always read access
and group texcatal has write access, on newly created files in that
directory tree:
comedy:~ # getfacl /home/ctan/texcatalogue_svn
getfacl: Removing leading '/' from absolute path names
# file: home/ctan/texcatalogue_svn
# owner: ftpmaint
# group: server
user::rwx
user:www-data:r-x
group::r-x
group:texcatal:rwx
mask::rwx
other::---
default:user::rwx
default:user:www-data:r-x
default:group::r-x
default:group:texcatal:rwx
default:mask::rwx
default:other::---
(Btw, this is the SVN repository that drives the TeX-Catalogue, at
http://www.ctan.org/tex-archive/help/Catalogue/catalogue.html.)
I think I can try "create" the UPG situation like in RH, but it means I have
to "remove" all related users from the 'user' group. Not practical.
Then ACL might be the way to go.
Or, after some browsing on /etc/apparmor directory, I think it's possible to
set the umask for the 'test' directory and files.
Sorry, can't help with AppArmor; I don't use it.
Joachim
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Joachim Schrod Email: [EMAIL PROTECTED]
Roedermark, Germany
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
