Why are directories such as Documents and Desktop not group-writable by default?


If I create new files and directories in my home directory, they are group-writable by default:

will@together:~$ touch test
will@together:~$ mkdir test_dir
will@together:~$ ll | grep test
-rw-rw-r--  1 will will         0 Apr 23 10:36 test
drwxrwxr-x  2 will will      4096 Apr 23 10:36 test_dir/

The reason for this behaviour is the way Debian/Ubuntu handles users and groups, known as User Private Groups.

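I have just done a fresh install of Ubuntu, and I noticed that the automatically created directories (Documents, Desktop, etc.) are not group-writable.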

will@together:~$ ll | grep Documents
drwxr-xr-x  2 will will      4096 Apr 22 22:21 Documents/

I was just wondering what the reason for this is.

Answer 1

First, you can use ll -d Documents and save the grep for a rainy day.

In /etc/adduser.conf one finds:

# If DIR_MODE is set, directories will be created with the specified
# mode. Otherwise the default mode 0755 will be used.
DIR_MODE=0751

See man adduser and man adduser.conf.

Answer 2

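This is because, when the home directory is created, the default umask in /etc/login.defs is set to 022. 022 is the "historical" umask that existed before the concept of private groups. But with USERGROUPS_ENAB yes in /etc/login.defs, it is changed to 002 after the home directory is created (this applies to anything created after the home directory is created).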

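The configuration in /etc/adduser.conf overrides the above only when private groups are disabled. The motivation for moving to 002 was that, with the advent of private groups, 022 became very restrictive, for example when setting up a shared directory.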

You can find more on Launchpad and in the Debian bug log. Also, from /etc/login.defs:

> # UMASK is the default umask value for pam_umask and is used by
> # useradd and newusers to set the mode of the new home directories.
> # 022 is the "historical" value in Debian for UMASK
> # 027, or even 077, could be considered better for privacy
> # There is no One True Answer here : each sysadmin must make up his/her
> # mind.
> #
> # If USERGROUPS_ENAB is set to "yes", that will modify this UMASK default value
> # for private user groups, i. e. the uid is the same as gid, and username is
> # the same as the primary group name: for these, the user permissions will be
> # used as group permissions, e. g. 022 will become 002.

# Enable setting of the umask group bits to be the same as owner bits
# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is
# the same as gid, and username is the same as the primary group name.
#
# If set to yes, userdel will remove the user´s group if it contains no
# more members, and useradd will create by default a group with the name
# of the user.
#
USERGROUPS_ENAB yes
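
The umask adjustment described in the quoted /etc/login.defs comments, worked through as an added example (not part of the original answers or of any Debian/Ubuntu tool). The function names and the sample account (will, uid 1000, gid 1000) are assumptions made for illustration; the resulting modes match the listings in the question.

```sh
#!/bin/sh
# Sketch of the USERGROUPS_ENAB rule quoted above from /etc/login.defs.
# Function names and the sample account values are made up for this example.

# effective_umask BASE UID GID USER GROUP ENAB
# Prints the umask after the private-group adjustment: for a non-root user
# whose uid equals gid and whose name equals the primary group name, the
# group bits are replaced by the owner bits (022 -> 002, 077 -> 007).
effective_umask() {
    eu_mask=$((0$1))
    if [ "$6" = yes ] && [ "$2" -ne 0 ] && [ "$2" -eq "$3" ] && [ "$4" = "$5" ]; then
        eu_owner=$(( (eu_mask >> 6) & 7 ))
        eu_mask=$(( (eu_mask & 0707) | (eu_owner << 3) ))
    fi
    printf '%03o\n' "$eu_mask"
}

# created_mode KIND UMASK
# Prints the mode a new "dir" (requested 0777) or "file" (requested 0666)
# ends up with under the given umask.
created_mode() {
    case $1 in
        dir)  cm_req=$((0777)) ;;
        file) cm_req=$((0666)) ;;
        *)    echo "unknown kind: $1" >&2; return 2 ;;
    esac
    printf '%03o\n' $(( cm_req & ~(0$2) & 0777 ))
}

# Constructed sample account: will, uid 1000, gid 1000, primary group "will".
base=022
adj=$(effective_umask "$base" 1000 1000 will will yes)
echo "base umask $base: dir $(created_mode dir "$base")"
echo "adjusted umask $adj: dir $(created_mode dir "$adj"), file $(created_mode file "$adj")"
# A stricter base keeps "other" locked out but still opens the private group.
echo "base 077 becomes $(effective_umask 077 1000 1000 will will yes)"
```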
