On 3/23/23 14:36, Matthew Weigel wrote:
On 2023-03-23 11:53 am, ch...@qatland.com wrote:
I did not look at the code at all for this. Only using existing
programs.
If this should not be working then a patch will be needed somewhere.
I didn't give it a try, but I took your report at face value and looked
closer at the code.
When it copies /etc/skel over, it does so with a command like
"pax -rw -pe /etc/skel
/home/$USER"(https://github.com/openbsd/src/blob/869ed59d760a94e6086f364d91f2b56074421cc9/usr.sbin/user/user.c#L316)
which sets all permissions, starting with /etc/skel. That's why it
behaved
as you observed, the way the original poster wanted.
However I will state that having the ability to set the default
permissions somewhere would be useful, and a requirement in some
environments.
I agree, not that I have any say. It's also worth pointing out that you
can have multiple skeleton directories and specify which one you want to
use when you run the program; there's no need to change the default
skeleton directory (or, it's possible to keep a traditional readable-by-
all skeleton directory around even if you make it not the default).
Matthew
I kinda like the /etc/skel directory providing the default. That's the
model for a new user -- it has a basic .profile, a .ssh directory
and empty .ssh/authorized_keys file, all with permissions properly set.
Yeah, I know some compliance people want to see complete privacy on
home directories, but that kinda defeats a point of a multi-user system,
that people might just want to collaborate with each other.
Nick.
