我之所以注意到这一点,是因为安装时tree
注意到了/usr/bin/mandb: can't search directory /usr/local/man/man1/: Permission denied
。我检查/usr/local/man/man1
并确认它被设置为限制性0700
权限。我正在运行 Debian 11 Bullseye。所有用户都受到影响并默认使用0077
umask,但没有一个常用文件将其设置为该值。我检查了
/etc/profile
/etc/bash.bashrc
- 用户
.profile
的.bashrc
- 我也搜索过,
umask.*77
但没有任何结果
这似乎是我系统上的 Debian 默认设置,但它显然会破坏一些东西。我如何恢复0022
Debian 文档中提到的默认设置?
任何帮助表示感谢
答案1
默认的“umask”设置在 中/etc/login.defs
。请参阅man 5 login.defs
了解其说明。
在我的机器上它看起来像这样:
❯ grep -A16 '^# UMASK' /etc/login.defs
# UMASK is the default umask value for pam_umask and is used by
# useradd and newusers to set the mode of the new home directories.
# 022 is the "historical" value in Debian for UMASK
# 027, or even 077, could be considered better for privacy
# There is no One True Answer here : each sysadmin must make up his/her
# mind.
#
# If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
# for private user groups, i. e. the uid is the same as gid, and username is
# the same as the primary group name: for these, the user permissions will be
# used as group permissions, e. g. 022 will become 002.
#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
UMASK 022
如果不是这个问题,您应该检查登录服务的 PAM 配置,例如控制台上的“login”或 SSH 的“sshd”,这些配置在目录中进行配置/etc/pam.d/
。不要忘记检查“common-*”文件,前者默认包含这些文件!