On Apr 30, 12:30 pm, NN_il_Confusionario <[EMAIL PROTECTED]> wrote: > > * From: Bug <[EMAIL PROTECTED]> > >But when I login in, I still get umask 022. What step am I missing? > > I do not use pam_umask , but: > > (1) /usr/share/doc/libpam-umask/README says: > > If a user has a .pam_umask > in his home directory, the contents will be used to set the umask. > > (2) Linkname: pam_umask(8) - Linux man page > URL:http://linux.die.net/man/8/pam_umask > says > > The PAM module tries to get the umask value from the following places in > the following > order: > * umask= argument > * umask= entry of the users GECOS field > * pri= entry of the users GECOS field > * ulimit= entry of the users GECOS field > * UMASK= entry from /etc/default/login > * UMASK entry from /etc/login.defs > > It also speaks about a debug option. > > Looking at the sources (apt-get source libpam-umask), I dubt that the > man page applies to the debian version of libpam-umask, but a look at > the above files (/etc/passwd) might be worthy.
Yes, the source doesn't indicate anything like that. It tried ~/.pam_umask and then the "system" umask, passed as a argument in the form umask=[N]NNN. I find this package a bit maddening. It mixes hyphens and underscores in names, paths, etc. Although I have to admit, I've never seen a Debian package name with an underscore in the name, so if that's the constraint, it can cause confusion. The documentation is lacking some detail too, e.g. only by looking at the source would you know that the ~/.pam_umask file should only contain [N]NNN, and not umask=[N]NNN, or some other form. Where does one make suggestions for improvement? To the package maintainer? > (3) perhaps a > > # strace -f -o /tmp/login.strace.log login -f user > > might help Those were all good suggestions, but when I tried the last one and found the umask set as I expected, I went hunting. I was logging in via ssh using public key authentication, and UsePAM was set to 'no' in my /etc/ssh/ sshd_config file. My fault entirely! Now fixed and working properly. But perhaps the lively discussion found at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314539 deserved another caveat. Thanks for the pointers -- you saved the day!!! -r -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
