Bug#1018849: systemd does not honor pam_umask setting

Maurizio Avogadro mavoga at gmail.com
Thu Sep 1 00:50:44 BST 2022 

Package: systemd
Version: 251.3-1
Severity: normal

Dear Maintainer,

despite the line

session optional pam_umask.so umask=0027

in /etc/pam.d/common-session and the line

UMASK 027

in /etc/login.defs, every process spawned by systemd has umask=0022. Files
newly created under a regular bash shell get correct 640 permissions instead.

I noticed this issue the first time ~2 months ago: till then my umask settings
were respected.

Thanks


-- Package-specific info:

-- System Information:
Debian Release: bookworm/sid
APT prefers testing-proposed-updates
APT policy: (990, 'testing-proposed-updates'), (990, 'testing'), (500, 
'stable-security'), (500, 'proposed-updates'), (500, 
'oldstable-proposed-updates'), (500, 'unstable'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.19.5-xanmod1-x64v2+amdnative (SMP w/16 CPU threads)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8), LANGUAGE=it
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd depends on:
ii adduser 3.128
ii libacl1 2.3.1-1
ii libaudit1 1:3.0.7-1+b1
ii libblkid1 2.38.1-1
ii libc6 2.34-4
ii libcap2 1:2.44-1
ii libcryptsetup12 2:2.5.0-2
ii libfdisk1 2.38.1-1
ii libgcrypt20 1.10.1-2
ii libkmod2 30+20220630-3
ii liblz4-1 1.9.3-2
ii liblzma5 5.2.5-2.1
ii libmount1 2.38.1-1
ii libseccomp2 2.5.4-1+b1
ii libselinux1 3.4-1+b1
ii libssl3 3.0.5-2
ii libsystemd-shared 251.3-1
ii libsystemd0 251.3-1
ii libzstd1 1.5.2+dfsg-1
ii mount 2.38.1-1

Versions of packages systemd recommends:
ii chrony [time-daemon] 4.2-3
ii dbus [default-dbus-system-bus] 1.14.0-2

Versions of packages systemd suggests:
ii libfido2-1 1.11.0-1+b1
ii libtss2-esys-3.0.2-0 3.2.0-1+b1
ii libtss2-mu0 3.2.0-1+b1
ii libtss2-rc0 3.2.0-1+b1
ii policykit-1 0.105-33
pn systemd-boot <none>
ii systemd-container 251.3-1
pn systemd-homed <none>
pn systemd-userdbd <none>

Versions of packages systemd is related to:
ii dbus-user-session 1.14.0-2
pn dracut <none>
ii initramfs-tools 0.142
ii libnss-systemd 251.3-1
ii libpam-systemd 251.3-1
ii udev 251.3-1

-- debconf-show failed

More information about the Pkg-systemd-maintainers mailing list