diff options
Diffstat (limited to 'modules/pam_umask/pam_umask.8')
-rw-r--r-- | modules/pam_umask/pam_umask.8 | 176 |
1 files changed, 176 insertions, 0 deletions
diff --git a/modules/pam_umask/pam_umask.8 b/modules/pam_umask/pam_umask.8 new file mode 100644 index 0000000..0a4ad5a --- /dev/null +++ b/modules/pam_umask/pam_umask.8 @@ -0,0 +1,176 @@ +'\" t +.\" Title: pam_umask +.\" Author: [see the "AUTHOR" section] +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 +.\" Manual: Linux-PAM Manual +.\" Source: Linux-PAM Manual +.\" Language: English +.\" +.TH "PAM_UMASK" "8" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual" +.\" ----------------------------------------------------------------- +.\" * Define some portability stuff +.\" ----------------------------------------------------------------- +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.\" http://bugs.debian.org/507673 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" ----------------------------------------------------------------- +.\" * set default formatting +.\" ----------------------------------------------------------------- +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.\" ----------------------------------------------------------------- +.\" * MAIN CONTENT STARTS HERE * +.\" ----------------------------------------------------------------- +.SH "NAME" +pam_umask \- PAM module to set the file mode creation mask +.SH "SYNOPSIS" +.HP \w'\fBpam_umask\&.so\fR\ 'u +\fBpam_umask\&.so\fR [debug] [silent] [usergroups] [nousergroups] [umask=\fImask\fR] +.SH "DESCRIPTION" +.PP +pam_umask is a PAM module to set the file mode creation mask of the current environment\&. The umask affects the default permissions assigned to newly created files\&. +.PP +The PAM module tries to get the umask value from the following places in the following order: +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +umask= entry in the user\*(Aqs GECOS field +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +umask= argument +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +UMASK entry from /etc/login\&.defs +.RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +UMASK= entry from /etc/default/login +.RE +.PP +The GECOS field is split on comma \*(Aq,\*(Aq characters\&. The module also in addition to the umask= entry recognizes pri= entry, which sets the nice priority value for the session, and ulimit= entry, which sets the maximum size of files the processes in the session can create\&. +.SH "OPTIONS" +.PP +.PP +\fBdebug\fR +.RS 4 +Print debug information\&. +.RE +.PP +\fBsilent\fR +.RS 4 +Don\*(Aqt print informative messages\&. +.RE +.PP +\fBusergroups\fR +.RS 4 +If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007)\&. +.RE +.PP +\fBnousergroups\fR +.RS 4 +This is the direct opposite of the usergroups option described above, which can be useful in case pam_umask has been compiled with usergroups enabled by default and you want to disable it at runtime\&. +.RE +.PP +\fBumask=\fR\fB\fImask\fR\fR +.RS 4 +Sets the calling process\*(Aqs file mode creation mask (umask) to +\fBmask\fR +& 0777\&. The value is interpreted as Octal\&. +.RE +.SH "MODULE TYPES PROVIDED" +.PP +Only the +\fBsession\fR +type is provided\&. +.SH "RETURN VALUES" +.PP +.PP +PAM_SUCCESS +.RS 4 +The new umask was set successfully\&. +.RE +.PP +PAM_BUF_ERR +.RS 4 +Memory buffer error\&. +.RE +.PP +PAM_CONV_ERR +.RS 4 +The conversation method supplied by the application failed to obtain the username\&. +.RE +.PP +PAM_INCOMPLETE +.RS 4 +The conversation method supplied by the application returned PAM_CONV_AGAIN\&. +.RE +.PP +PAM_SERVICE_ERR +.RS 4 +No username was given\&. +.RE +.PP +PAM_USER_UNKNOWN +.RS 4 +User not known\&. +.RE +.SH "EXAMPLES" +.PP +Add the following line to +/etc/pam\&.d/login +to set the user specific umask at login: +.sp +.if n \{\ +.RS 4 +.\} +.nf + session optional pam_umask\&.so umask=0022 + +.fi +.if n \{\ +.RE +.\} +.sp +.SH "SEE ALSO" +.PP +\fBpam.conf\fR(5), +\fBpam.d\fR(5), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_umask was written by Thorsten Kukuk <kukuk@thkukuk\&.de>\&. |