[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Re: Xsession doesn't use umask setting from /etc/login.defs

In october you told that :
> environment variables, at least, are trivial to accomplish using the
> pam_env module.  Properly setting a umask would call for something else
> yet.

in response to :
>> I don't think everything in /etc/login.defs is provided by PAM yet,
>> although I'm willing to be corrected on this. I agree that's the right
>> place for programs like sshd and Xsession to get this information.
from Colin Watson

I would like it to be. But pam_env is called so soon in the stack that few env variables are already available.
For exmaple the module first parse /etc/security/pam_env.conf before including /etc/environemnt in the environment.
which is bad as it prevents to redefine variables setted there and check if they were defined too.

As it is pam_env is mere a way to fix a few needs for settings up the authentification environment. 
Also $HOME and such are not yet available (this can be worked around by using "~" instead but it is not great).
Then there is no way to make conditional choice. For example to set a different PATH for ROOT and other users (fixing
 all the wishlist on being able to set up PATH in a central location). This would not make sense with the current
 pam_env module as information like hte user id are not yet available.

However this htread has added pam-umask which is already a great addition.


Reply to: