[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: umask - default user settings?

On Wed, Jul 17, 2024 at 22:10:28 +0700, Max Nikulin wrote:
> Do you mean the following bug or something else?
> <https://bugs.debian.org/711104>
> login: su - doesn't set umask
> Fixed in version pam/1.5.3-1
> Tue, 16 Jan 2024 00:19:23 +0000

Huh... given the age of the bug, I expected this was something already
done in bookworm, but it's not.

hobbit:/etc/pam.d$ grep -i umask *
hobbit:/etc/pam.d$ grep -i mask *
hobbit:/etc/pam.d$ 

Bookworm has PAM package version 1.5.2-6+deb12u1, not 1.5.3.  Looks like
this change was only made this year, and therefore won't appear until
Debian 13.

This makes me wonder what's setting umask *now*.  Is it still PAM, just
using a compile-time default instead of a value that's discoverable in
a conffile?

Also, this confused me:

hobbit:/etc/pam.d$ dpkg -S /etc/pam.d/common-session
dpkg-query: no path found matching pattern /etc/pam.d/common-session

Where does that file come from, then?  The installer?  Oh wait, there are
postinst scripts....

hobbit:~$ grep common-session /var/lib/dpkg/info/*.postinst
/var/lib/dpkg/info/libpam-runtime.postinst: for configfile in common-auth common-account common-session  \
/var/lib/dpkg/info/libpam-runtime.postinst:       "$DPKG_ROOT"/etc/pam.d/common-session.pam-old

So I guess that file comes from libpam-runtime, but it's not managed
like a regular conffile.  I suppose there was some reason for this, even
if I can't guess it.
Reply to: