On February 24, 2004 10:27 am, Kieran Hood wrote: > I want to make it so that all new files created in a user's home > directories are only readable by the users who own them and their groups. > Is umask the best way to do this? Also where do I add the command so that > it is executed on startup? Thanks > > -- > Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/ Hi Kieran, yes, umask is the utility to change default file permissions for a user, but not specificly for their home dir. You can edit /etc/bashrc for global bash umask. Near the top you will find a section like: # by default, we want this to get set. # Even for non-interactive, non-login shells. if [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]; then umask 002 else umask 022 fi --------------------------------------------- The top one is for regular (non-system) accounts, although useradd starts at 500 for regular users. If you changed "umask 002" to "umask 007" then all user created files and directories would be created as readable (and dir's exec-able) only by the user. Again, that would be set to the user, not just their home directory. The user can also use umask to change that setting. If you look at the default perms on the users home you should find only the owner can read or exec the home directory anyway, so in most cases, no changes should be needed. Also, the default user scheme in Red Hat will create a "user private" group, so each users primary group is the same as their userid. Hope that helps. -- Pete Nesbitt, rhce -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
