On 10/7/2010 9:25 PM, Tom H wrote:
> On Thu, Oct 7, 2010 at 7:20 PM, David Goldsmith <dgoldsmith@xxxxxxxx> wrote:
>> Two servers, each have normal user umask values of 0077 and root umask
>> values on 0022.
>>
>> On the first server (CentOS 5.4 i386) running sudo 1.6.9pl7-5 (from
>> base), here are the results of touching a file as a user, as root and as
>> a user sudoing to root:
>>
>> user: touch file - result is 600
>> root: touch file - result is 644
>> user: sudo touch file - result is 644
>>
>> On the second server (CentOS x86-64) running sudo 1.7.2p1-7 (from
>> updates), here are the results of the same actions:
>>
>> user: touch file - result is 600
>> root: touch file - result is 644
>> user: sudo touch file - result is 600 ** this differs **
>>
>> On the second system, if I downgrade sudo to the base version, it
>> behaves the same as on the first server, so this appears to be sudo
>> version specific rather than an i386 vs x86-64 difference.
>>
>> Looking at the changelogs at the package home site, I don't see anything
>> obvious that covers this change:
>>
>> http://www.courtesan.com/sudo/stable.html#1.7.0
>> http://www.courtesan.com/sudo/stable.html#1.7.1
>> http://www.courtesan.com/sudo/stable.html#1.7.2
>>
>> Does anyone know how to change the behavior with the umask values when
>> using the newer version of sudo?
>>
>> This is causing us some issues when sudoing to update an SVN working
>> directory used by our Puppet server.
>
> Check for a "umask" variable/line in the two installs' /etc/sudoers file.
"grep -i mask /etc/sudoers" on both servers gets no hits.
David Goldsmith
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
