[Pkg-shadow-devel] Documenting shadow package

Nicolas François nicolas.francois at centraliens.net
Mon Jan 19 10:05:59 UTC 2009


On Mon, Jan 19, 2009 at 10:42:58AM +0900, vuhung16plus at gmail.com wrote:
> I've tried to figure out why on some Linux system,
> the default permission of an user's $HOME created
> by the command "useradd" is 0700.
> useradd uses its own UMASK setting which is
> read from the configuration file /etc/login.defs.
> "man 8 useradd" does refer to this file but I does not write
> anything about UMASK setting neither in "man useradd" or login.defs
> By adding a line "UMASK 0022" to the end of /etc/login.defs,
> I propose that
> 1. Document the use of UMASK in "man 8 useradd"
> 2. Document the use of UMASK in the file /etc/login.defs
>     that comes with shadow package by default,
>    so users will know how to use it.

Thanks for the suggestions.

UMASK is already documented as used by useradd, but the man page is not
really explicit about what it does. I changed the description of UMASK to:

       UMASK (number)
           The file mode creation mask is initialized to this value. If not
           specified, the mask will be initialized to 022.

           useradd and newusers use this mask to set the mode of the home
           directory they create

And for non-PAM enabled systems:

           It is also used by login to define users´ initial umask. Note that
           this mask can be overriden by the user´s GECOS line (if QUOTAS_ENAB
           is set) or by the specification of a limit with the K identifier in

I also added the following to the default /etc/login.defs:

# UMASK is also used by useradd and newusers to set the mode of new home
# directories

Best Regards,

More information about the Pkg-shadow-devel mailing list