pam_umask (8) - Linux Manuals
pam_umask: PAM module to set the file mode creation mask
NAME
pam_umask - PAM module to set the file mode creation mask
SYNOPSIS
- pam_umask.so [debug] [silent] [usergroups] [nousergroups] [umask=mask]
DESCRIPTION
The PAM module tries to get the umask value from the following places in the following order:
- • umask= entry in the user's GECOS field
- • umask= argument
- • UMASK entry from /etc/login.defs (influenced by USERGROUPS_ENAB in /etc/login.defs)
- • UMASK= entry from /etc/default/login
The GECOS field is split on comma ',' characters. The module also in addition to the umask= entry recognizes pri= entry, which sets the nice priority value for the session, and ulimit= entry, which sets the maximum size of files the processes in the session can create.
OPTIONS
debug
- Print debug information.
silent
- Don't print informative messages.
usergroups
- If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 -> 002, 077 -> 007). Note that using this option explicitly is discouraged. pam_umask enables this functionality by default if /etc/login.defs enables USERGROUPS_ENAB, and the umask is not set explicitly in other places than /etc/login.defs (this is compatible with login's behaviour without PAM).
nousergroups
- This is the direct opposite of the usergroups option described above, which can be useful in case pam_umask has been compiled with usergroups enabled by default and you want to disable it at runtime.
umask=mask
- Sets the calling process's file mode creation mask (umask) to mask & 0777. The value is interpreted as Octal.
MODULE TYPES PROVIDED
Only the session type is provided.
RETURN VALUES
PAM_SUCCESS
- The new umask was set successfully.
PAM_BUF_ERR
- Memory buffer error.
PAM_CONV_ERR
- The conversation method supplied by the application failed to obtain the username.
PAM_INCOMPLETE
- The conversation method supplied by the application returned PAM_CONV_AGAIN.
PAM_SERVICE_ERR
- No username was given.
PAM_USER_UNKNOWN
- User not known.
EXAMPLES
Add the following line to /etc/pam.d/login to set the user specific umask at login:
-
session optional pam_umask.so umask=0022
AUTHOR
pam_umask was written by Thorsten Kukuk <kukuk [at] thkukuk.de>.