Debian umask 默认为 0077

Question

默认的“umask”设置在中/etc/login.defs。请参阅man 5 login.defs了解其说明。

在我的机器上它看起来像这样：

❯ grep -A16 '^# UMASK' /etc/login.defs
# UMASK is the default umask value for pam_umask and is used by
# useradd and newusers to set the mode of the new home directories.
# 022 is the "historical" value in Debian for UMASK
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.
#
# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
# for private user groups, i. e. the uid is the same as gid, and username is
# the same as the primary group name: for these, the user permissions will be
# used as group permissions, e. g. 022 will become 002.
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR       0177
KILLCHAR        025
UMASK           022

如果不是这个问题，您应该检查登录服务的 PAM 配置，例如控制台上的“login”或 SSH 的“sshd”，这些配置在目录中进行配置/etc/pam.d/。不要忘记检查“common-*”文件，前者默认包含这些文件！

Answer 1

默认的“umask”设置在中/etc/login.defs。请参阅man 5 login.defs了解其说明。

在我的机器上它看起来像这样：

❯ grep -A16 '^# UMASK' /etc/login.defs
# UMASK is the default umask value for pam_umask and is used by
# useradd and newusers to set the mode of the new home directories.
# 022 is the "historical" value in Debian for UMASK
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.
#
# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
# for private user groups, i. e. the uid is the same as gid, and username is
# the same as the primary group name: for these, the user permissions will be
# used as group permissions, e. g. 022 will become 002.
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR       0177
KILLCHAR        025
UMASK           022

如果不是这个问题，您应该检查登录服务的 PAM 配置，例如控制台上的“login”或 SSH 的“sshd”，这些配置在目录中进行配置/etc/pam.d/。不要忘记检查“common-*”文件，前者默认包含这些文件！

Debian umask 默认为 0077

答案1

相关内容