On 5/10/2010 10:23 AM, Julien Cristau wrote: > On Mon, May 10, 2010 at 10:14:00 -0600, Aaron Toponce wrote: > Are there reasons for making the switch? With user groups, umask 002 or > 022 doesn't make a difference. To switch off user groups, you set > USERGROUPS=no in adduser.conf, and that's it. The biggest reason for making the change is when group collaboration becomes a necessity. Suppose you have an 'devel' group on the system, and a central directory where the collaboration happens. Because of the default umask value being '0022', the users must make sure that they have 'umask 0002' in their shell rc file, or as appropriate, or they must be constantly calling chmod to change the group permissions when new files are created. If the default umask is '0002' on a UPG system, then this checklist item doesn't need to be worried about. For example: $ id uid=1000(foo) gid=1000(foo) groups=1000(foo) [snip] $ mkdir src $ ls -ld src drwxr-xr-x 45 foo foo 4096 May 10 10:36 src/ $ chgrp devel src $ ls -ld src drwxr-xr-x 45 foo devel 4096 May 10 10:36 src/ $ chmod g+ws src $ ls -ld src drwxrwsr-x 45 foo devel 4096 May 10 10:36 src/ $ cd src $ touch foo.c $ ls -l foo.c -rw-r--r-- 45 foo devel 4096 May 10 10:36 foo.c $ chmod g+w foo.c etc. Again, this headache can be eliminated by setting the umask to '0002' in their .bashrc, .profile, etc, or it could just be set it system-wide, seeing as though we're implementing UPG from the outset. In my professional experience, I've seen cron jobs setup to navigate to a development directory, and 'chmod -R g+w *' to make sure the write bit is set, which is rather pathetic (and inappropriate) if you ask me. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O
Attachment:
signature.asc
Description: OpenPGP digital signature