Knurpht, thank you for your quick reply. Where do I change the default for new users before creating one, on Yast > User and Group Management > Defaults for New Users > Umask for Home Directory, or do I use ~:# pam-config -a --umask-umask=077 ?
That’s up to you. These day’s I’d say that actually pam-config is the way to do this. But I know the “Yast” way works as well.
Sorry but I don’t think that’s right. The “Umask for home directory” setting and the PAM umask setting are two different settings, not two ways of achieving the same thing.
@kerke
If I were you I’d do:
- Set the umask using PAM to 0077. This is the umask that’s applied at login, so with 0077 all new files and directories created by your users will only be accessible by them
- chmod o-rwx g-rwx all the existing home directories to fix up the permissions on the existing user files
- Set the “Umask for home directory” setting in YAST 077. This means that when you create a new user the permissions on the home directory and the handful of files copied from /etc/skel (eg. .bashrc) will be right.
On 2011-09-26 21:06, Knurpht wrote:
>
> kerke;2387872 Wrote:
>> Knurpht, thank you for your quick reply. Where do I change the default
>> for new users before creating one, on -Yast > User and Group Management
>>> Defaults for New Users > Umask for Home Directory-, or do I use ~:#
>> pam-config -a --umask-umask=077 ?
>
> That’s up to you. These day’s I’d say that actually pam-config is the
> way to do this. But I know the “Yast” way works as well.
In openSUSE it should be YaST, and let YaST do the appropriate changes. If
YaST doesn’t do whatever is appropriate nowdays, then that’s a bug.
–
Cheers / Saludos,
Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)
As I’ve pointed out already, the setting in YAST is for a different thing. There is no equivalent to the pam-config command in YAST.
tk83, I just did all of the above (1+2+3). Here’s my home folder:
~> ls -l
total 76
drwx------ 8 kerke users 4096 Sep 24 08:45 Aptana Studio 3
drwx------ 3 kerke users 4096 Sep 3 09:30 Aptana Studio 3 Workspace
drwx------ 2 kerke users 4096 Sep 2 14:49 bin
drwx------ 2 kerke users 4096 Sep 17 14:15 Desktop
drwx------ 4 kerke users 4096 Sep 26 19:05 Documents
drwx------ 2 kerke users 4096 Sep 25 11:30 Downloads
drwx------ 22 kerke users 4096 Sep 26 18:25 Dropbox
drwx------ 9 kerke users 4096 Sep 25 21:48 eclipse
drwx------ 273 kerke users 12288 Sep 3 10:36 Music
drwx------ 96 kerke users 12288 Sep 8 19:16 Pictures
drwx------ 2 kerke users 4096 Sep 2 14:51 Public
drwx------ 2 kerke users 4096 Sep 21 19:44 public_html
drwx------ 2 kerke users 4096 Sep 2 14:51 Templates
drwx------ 2 kerke users 4096 Sep 3 15:18 Videos
However, I created a test file (with vim), and it looks like this:
-rw-r–r-- 1 kerke users 5 Sep 26 19:20 test
Isn’t is supposed to look like this:?
-rw-r----- 1 kerke users 5 Sep 26 19:20 test
Opps, it worked OK after I logged out and logged back in. Newly created files in my home directory now have the right permissions:
-rw------- 1 jorge users 6 Sep 26 19:45 newfile