[Pkg-shadow-commits] r267 - trunk/debian
Christian Perrier
pkg-shadow-devel@lists.alioth.debian.org
Fri, 17 Jun 2005 21:31:19 +0000
Author: bubulle
Date: 2005-06-17 21:31:18 +0000 (Fri, 17 Jun 2005)
New Revision: 267
Modified:
trunk/debian/changelog
trunk/debian/login.defs
Log:
Comment out the confusing umask setting which only affects console logins.
Document the encouraged use of pam_umask instead
See #314539 and a recent thread in -devel
Modified: trunk/debian/changelog
===================================================================
--- trunk/debian/changelog 2005-06-17 21:17:36 UTC (rev 266)
+++ trunk/debian/changelog 2005-06-17 21:31:18 UTC (rev 267)
@@ -12,6 +12,9 @@
- debian/login.defs:
Make SU_PATH and PATH consistent with the values used in /etc/profile
Closes: #286616
+ Comment the UMASK setting which is mor econfusing than useful
+ as it only affects console logins. Better use pam_umask instead
+ Closes: #314539, #248150
- debian/passwd.config:
Re-enable the password confirmation question at critical priority
Closes: #304350
Modified: trunk/debian/login.defs
===================================================================
--- trunk/debian/login.defs 2005-06-17 21:17:36 UTC (rev 266)
+++ trunk/debian/login.defs 2005-06-17 21:31:18 UTC (rev 267)
@@ -167,12 +167,25 @@
# The ERASECHAR and KILLCHAR are used only on System V machines.
# The ULIMIT is used only if the system supports it.
# (now it works with setrlimit too; ulimit is in 512-byte units)
+#
+# UMASK setting here is discouraged with the following rationale:
+# Since any login session these days will invoke a shell, there is no
+# point in having login.defs set the umask -- the shell will override
+# it anyway.
+# Moreover, login.defs is only used for console logins, not, for
+# nstance for SSH logins, so settign the umask here only
+# could end up in an inconsistent behaviour
+# See #314539 and #248150
+# as well as the thread starting at
+# http://lists.debian.org/debian-devel/2005/06/msg01598.html
#
+# Actually, the use of pam_umask is encouraged (Debian package libpam-umask).
+#
# Prefix these values with "0" to get octal, "0x" to get hexadecimal.
#
ERASECHAR 0177
KILLCHAR 025
-UMASK 022
+#UMASK 022
#ULIMIT 2097152
#