On 05/19/2010 11:25 AM, Santiago Vila wrote:
> For the record: I've changed the umask setting in /etc/profile to this:
>
> if [ "`id -u`" -ge 1000 ]; then
> umask 002
> else
> umask 022
> fi
[snip]
> Some people proposed complex code to determine whether UPG was in use
> for system users. Such thing would be an "exception to the exception"
> and as such I think it would be a bad thing, as it would make things
> a lot more complex without any real gain.
I suggested this, which I don't think is complex. However, what you have
suggested should work just fine.
if [ "$(id -un)" = "$(id -gn)" ] && [ "$UID" -gt 99 ]; then
umask 0002
else
umask 0022
fi
The logic is simple, IMO: if the group name and the user name match,
it's UPG. If UPG and it is not a system user, then set the umask to
0002. Otherwise, set to 0022.
I don't know if that logic will match any additional cases (unless user
accounts are created under ID 1000), however, so we should be good with
your simpler logic on just matching the UID.
Speaking of which, because of NFS, should matching just the UID -ge 1000
a good idea? Other systems start their accounts at 500, and matching UID
is critical in NFS environments. Just a thought.
--
. O . O . O . . O O . . . O .
. . O . O O O . O . O O . . O
O O O . O . . O O O O . O O O
Attachment:
signature.asc
Description: OpenPGP digital signature