homme.io
Clean.Precise.Quick.
..
SAKURA
PLATO
Фотография
Философия
Искусство
История
DevOps
C/C++
DBMS
Oracle
Спорт
Linux
Rust
Lua
IT

Infinitum.Aeterna
2025.Тайланд
2025.08.Турция
2025.Зубовка
2025.Дивеево
2025.Суздаль-Плес
2025.Рязань
2024.Зубовка
2024.Египет
2024.Эмираты
2024.01.Зоопарк
2024.Китай
Иран в лицах
2023.Иран
2023.09.Египет
2023.07.Царицыно
2023.06.Москва
2023.06.Египет
2023.05.Москва
2023.Стамбул
2023.02.Царицыно
2023.01.Зубовка
2023.ЧИА
2023.ЗИМА
2022.11.Турция
2022.Аносино
2022.ОСЕНЬ
2022.08.Зубовка
2022.07.Турция
2022.Раменское
2022.ЛЕТО
2022.Архангельское
2022.Парк
2022.Петербург
2022.Ярославль
2022.03.Зубовка
2022.Кокошкино
2022.Сочи
2022.ВЕСНА
2022.02.Царицыно
2022.Стамбул
2022.02.Коломенское
2022.ЗИМА
2021.Зубовка
2021.ОСЕНЬ
2021.Египет
2021.Раменское
2021.ЛЕТО
2021.Дивеево
2021.Азов
2021.02.Зоопарк
2021.Карелия
2020.Петербург
2020.Турция
2020.Аносино
2020.Азов
2020.Верея
2020.Арктика
2020.Греция
2019.Турция
2019.Зубовка
2019.Дагестан
2019.Дагестан+
2019.Египет
2019.Италия
2019.Куликово поле
2019.Калуга
2019.02.Танцы
2019.Байкал
2018.Переславль
2018.Плес
2018.Березка
2018.Крым
2018.Азов
2018.Калининград
2018.Петербург
2018.Эльбрус
2017.Турция
2015.Египет
2013.Египет
2013.Рим
Разное

How to set umask for a system-user?

https://unix.stackexchange.com/questions/36220/how-to-set-umask-for-a-system-user

Q: Is it possible to set the umask for a system-user (created with useradd --system username)?

A: There are three normal ways to set a user's umask.

  1. Set UMASK in /etc/login.defs
  2. Add pam_umask.so to your PAM configuration in /etc/pam.d
  3. Set it in the shell startup files, e.g. /etc/profile

There is no difference between system users and normal users in this regard.

But I'm assuming you're trying to start a daemon with a custom umask?

The problem is: all of the above options happen when a user logs in. If you're running a daemon, it never logs in. It's started by init, then either runs as root, or calls setuid to run as the system user you specify.

Your main options are:

  1. put umask in your init script (do a grep umask /etc/init.d/* for an example)
  2. configure init to start the program with a custom umask (systemd.exec upstart umask)
  3. if using start-stop-daemon, pass the umask option
  4. modify the program itself to call the umask function or system call

 

ANOTHER PATH:

http://xopo3o.blogspot.com/2017/07/how-to-set-umask-for-user-has.html

 

Come back to the last week, I worked on case "change umask for SFTP/ SSH user"

At that time, I simply thought that it is umask. So I added umask to ~/.bashrc and ~/.bash_profile.

But nothing to change. It means that I need think logically.

User login -> ssh -> pam.d/ssh -> /etc/profile (~/.bash_profile)

Why? 
A few second I see that user's ssh/ sftp has shell environment is /sbin/nologin. So it is not affected by ~/.bash_profile, also /etc/profile

And then I need to add "umask" on "ssh" step of flowchart:
User login -> ssh -> pam.d/ssh -> /etc/profile (~/.bash_profile)

 
I go to /etc/ssh/sshd_config
# override default of no subsystems#Subsystem      sftp    /usr/libexec/openssh/sftp-serverSubsystem       sftp internal-sftpGatewayPorts no
 
add "-u 0022" umask as below
# override default of no subsystems
#Subsystem      sftp    /usr/libexec/openssh/sftp-server
Subsystem       sftp internal-sftp -u 0022
GatewayPorts no
 
After that, I re-login & create a file and I see that umask' file is 0022.
That's cool!
 

 

sdmrnv [2.70ms]