summaryrefslogtreecommitdiffstats
path: root/modules/pam_umask/pam_umask.8
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_umask/pam_umask.8')
-rw-r--r--modules/pam_umask/pam_umask.8176
1 files changed, 176 insertions, 0 deletions
diff --git a/modules/pam_umask/pam_umask.8 b/modules/pam_umask/pam_umask.8
new file mode 100644
index 0000000..0a4ad5a
--- /dev/null
+++ b/modules/pam_umask/pam_umask.8
@@ -0,0 +1,176 @@
+'\" t
+.\" Title: pam_umask
+.\" Author: [see the "AUTHOR" section]
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\" Date: 06/08/2020
+.\" Manual: Linux-PAM Manual
+.\" Source: Linux-PAM Manual
+.\" Language: English
+.\"
+.TH "PAM_UMASK" "8" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual"
+.\" -----------------------------------------------------------------
+.\" * Define some portability stuff
+.\" -----------------------------------------------------------------
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.\" http://bugs.debian.org/507673
+.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
+.\" disable hyphenation
+.nh
+.\" disable justification (adjust text to left margin only)
+.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
+.SH "NAME"
+pam_umask \- PAM module to set the file mode creation mask
+.SH "SYNOPSIS"
+.HP \w'\fBpam_umask\&.so\fR\ 'u
+\fBpam_umask\&.so\fR [debug] [silent] [usergroups] [nousergroups] [umask=\fImask\fR]
+.SH "DESCRIPTION"
+.PP
+pam_umask is a PAM module to set the file mode creation mask of the current environment\&. The umask affects the default permissions assigned to newly created files\&.
+.PP
+The PAM module tries to get the umask value from the following places in the following order:
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+umask= entry in the user\*(Aqs GECOS field
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+umask= argument
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+UMASK entry from /etc/login\&.defs
+.RE
+.sp
+.RS 4
+.ie n \{\
+\h'-04'\(bu\h'+03'\c
+.\}
+.el \{\
+.sp -1
+.IP \(bu 2.3
+.\}
+UMASK= entry from /etc/default/login
+.RE
+.PP
+The GECOS field is split on comma \*(Aq,\*(Aq characters\&. The module also in addition to the umask= entry recognizes pri= entry, which sets the nice priority value for the session, and ulimit= entry, which sets the maximum size of files the processes in the session can create\&.
+.SH "OPTIONS"
+.PP
+.PP
+\fBdebug\fR
+.RS 4
+Print debug information\&.
+.RE
+.PP
+\fBsilent\fR
+.RS 4
+Don\*(Aqt print informative messages\&.
+.RE
+.PP
+\fBusergroups\fR
+.RS 4
+If the user is not root and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007)\&.
+.RE
+.PP
+\fBnousergroups\fR
+.RS 4
+This is the direct opposite of the usergroups option described above, which can be useful in case pam_umask has been compiled with usergroups enabled by default and you want to disable it at runtime\&.
+.RE
+.PP
+\fBumask=\fR\fB\fImask\fR\fR
+.RS 4
+Sets the calling process\*(Aqs file mode creation mask (umask) to
+\fBmask\fR
+& 0777\&. The value is interpreted as Octal\&.
+.RE
+.SH "MODULE TYPES PROVIDED"
+.PP
+Only the
+\fBsession\fR
+type is provided\&.
+.SH "RETURN VALUES"
+.PP
+.PP
+PAM_SUCCESS
+.RS 4
+The new umask was set successfully\&.
+.RE
+.PP
+PAM_BUF_ERR
+.RS 4
+Memory buffer error\&.
+.RE
+.PP
+PAM_CONV_ERR
+.RS 4
+The conversation method supplied by the application failed to obtain the username\&.
+.RE
+.PP
+PAM_INCOMPLETE
+.RS 4
+The conversation method supplied by the application returned PAM_CONV_AGAIN\&.
+.RE
+.PP
+PAM_SERVICE_ERR
+.RS 4
+No username was given\&.
+.RE
+.PP
+PAM_USER_UNKNOWN
+.RS 4
+User not known\&.
+.RE
+.SH "EXAMPLES"
+.PP
+Add the following line to
+/etc/pam\&.d/login
+to set the user specific umask at login:
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+ session optional pam_umask\&.so umask=0022
+
+.fi
+.if n \{\
+.RE
+.\}
+.sp
+.SH "SEE ALSO"
+.PP
+\fBpam.conf\fR(5),
+\fBpam.d\fR(5),
+\fBpam\fR(8)
+.SH "AUTHOR"
+.PP
+pam_umask was written by Thorsten Kukuk <kukuk@thkukuk\&.de>\&.