Bug#314539: [Pkg-shadow-devel] please remove UMASK from login.defs
Tollef Fog Heen
Tollef Fog Heen <tfheen@debian.org>, 314539@bugs.debian.org
Mon, 20 Jun 2005 13:49:49 +0200
* Christian Perrier=20
#include <cold_wind_from_.no>
| (Tollef, as libpam-umask pkg maintainer, could you look at #314539?)
Done.
| Alex seems to have well proven that UMASK in login.defs is *currently*
| the only way to be sure that all possible ways to login to a system
| will have the right mask.
|=20
| So, until pam_umask is part of the default settings on Debian systems
| (which may require to request this), we probably had better to stick
| with UMASK being actually set in login.defs, which an appropriate comment.
|=20
| Having umask part of the default system might be the Way To
| Go. Tollef, input?
pam_umask was (initially at least) just written to make Branden happy
after he got a wishlist bug on =C2=ABhow do I set umask for my X session=C2=
=BB.
He wasn't happy about looking in login.defs from the X session startup
scripts.
That said, I don't have any big objections for inclusion in base or
something equivalent. Alexander Gattin seemed to think pam_umask is a
bit unsophisticated. I am inclined to agree, but supporting per-user
configuration is trivial. The reason for it not being there is no
request for it has been made. Including per-user, per-session support
(so I can have one umask when using xdm and another when using ssh) is
possible, but I'm not sure the complexity is needed. Per sesssion is
easy enough, just customise in the relevant file in /etc/pam.d.
Some applications are broken too, like gdm which explicitly sets the
umask several times as part of the login process, but those are just
bugs which need to be fixed.
--=20
Tollef Fog Heen ,''`.
UNIX is user friendly, it's just picky about who its friends are : :' :
`. `'=
=20
`-=
=20=20