On 15/07/2024 20:03, Greg Wooledge wrote:
If you use a Desktop Environment, go to your DE's support mailing list, and ask them how to set your umask so that it works as expected in all of your programs.
(I am not convinced that default umask should be changed) systemd.exec(5)
UMask= Controls the file mode creation mask. Takes an access mode in octal notation. See umask(2) for details. Defaults to 0022 for system units. For user units the default value is inherited from the per-user service manager (whose default is in turn inherited from the system service manager, and thus typically also is 0022 — unless overridden by a PAM module). In order to change the per-user mask for all user services, consider setting the UMask= setting of the user's user@.service system service instance. The per-user umask may also be set via the umask field of a user's JSON User Record[5] (for users managed by systemd-homed.service(8) this field may be controlled via homectl --umask=). It may also be set via a PAM module, such as pam_umask(8).
https://github.com/systemd/systemd/issues/16963#issuecomment-689656886 poettering commented Sep 9, 2020
The user@.service templated system service is instantiated for each user. It's a system service like any other, hence you can extend it via drop-ins, and thus configure UMask= for it, like for any other system service. e.g. mkdir -p /etc/systemd/system/user@1000.service.d cat > /etc/systemd/system/user@1000.service.d/umask.conf<<EOF [Service] UMask=0007 EOF systemctl daemon-reload
