Re: Umask 002 policy
> On (22/12/04 20:19), Juhasz Sandor wrote:
> >
> > I have to implement default umask 002 for my users on my Debian server.
> > I use KDM login. I searched the net, and I found tips only on setting umask
> > on console, and on terminal emulators. (The standard /etc/profile,
> > ~/.bashrc, /etc/bash.bashrc way.) Any program started from X window manager
> > (for example K menu), has the original 022 umask. How can I solve this
> > problem?
Have a look at the package libpam-umask. I haven't used it, but it looks
like what you want. It hooks into PAM, so that when users are
authenticated for login, their umask is set to what you want.
> > Some words about my server filesystem: I have some directories (teachers,
> > classA, classB, etc) in my /export directory, which are only readable and
> > writable by the groups with the same name. These groups have to be able to
> > read, and edit each other's files. I decided to make this role with
> > umask 002
> > and private groups for every user (for their home directory). Is this the
> > common way to solve this situation? If not, please help me.
The is common, with the addition of setgid directories (chmod g+s
dirname). Files created in a directory with the set-group-id bit set
will take the group from the parent directory.
Clive Menzies replied...
>
> For existing directories: $ chmod -R 775 should do the trick
bad idea. That will change all files to mode 775 as well. You only want
directories. Plus you want the directories to have a mode of 2775 (or
2770 depending on permissions for others).
To prepare a directory hierarchy for group use, I do the following:
# chgrp -R $group $dir
# find $dir -type d -print0 | xargs -0 chmod 2770
(I usually use mode 2775, but I think you wanted 2770 from your
description)
# find $dir -type f -print0 | xargs -0 chmod 660
(likewise, I usually use mode 664...)
Reply to: