Where does Debian get its default umask from?


With a fresh ssh login:

$ umask
0007

But:

$ find . -maxdepth 1 -name '.*' -type f | xargs grep 007 | less
$ 

# grep 007 /etc/profile
#
# grep -i umask /etc/login.defs
#       UMASK           Default "umask" value.
# UMASK is the default umask value for pam_umask and is used by
# 022 is the "historical" value in Debian for UMASK
UMASK           027
# Other former uses of this variable such as setting the umask when
# grep -i umask /etc/pam.d/common-session
session optional pam_umask.so usergroups

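What the heck? Is Debian inventing arbitrary umasks? And there is no other source in /etc that matches 007!

The system uses LDAP (nslcd, pam_ldap) for authentication.

More info: this only happens for one user. Not for root or other users. As soon as I "su" to that user, I get 007 again.

As root: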

# strace -f -o basz.log su baduser

Something is setting this umask, but I don't know what:

[...]
2622  open("/etc/group", O_RDONLY|O_CLOEXEC) = 4
2622  _llseek(4, 0, [0], SEEK_CUR)      = 0
2622  fstat64(4, {st_mode=S_IFREG|0644, st_size=1719, ...}) = 0
2622  mmap2(NULL, 1719, PROT_READ, MAP_SHARED, 4, 0) = 0xb7786000
2622  _llseek(4, 1719, [1719], SEEK_SET) = 0
2622  fstat64(4, {st_mode=S_IFREG|0644, st_size=1719, ...}) = 0
2622  munmap(0xb7786000, 1719)          = 0
2622  close(4)                          = 0
2622  socket(PF_FILE, SOCK_STREAM, 0)   = 4
2622  connect(4, {sa_family=AF_FILE, path="/var/run/nslcd/socket"}, 23) = 0
2622  gettimeofday({1404702848, 321946}, NULL) = 0
2622  gettimeofday({1404702848, 322029}, NULL) = 0
2622  poll([{fd=4, events=POLLOUT}], 1, 10000) = 1 ([{fd=4, revents=POLLOUT}])
2622  send(4, "\1\0\0\0\212\23\0\0\361\3\0\0", 12, MSG_NOSIGNAL) = 12
2622  gettimeofday({1404702848, 322363}, NULL) = 0
2622  gettimeofday({1404702848, 322464}, NULL) = 0
2622  poll([{fd=4, events=POLLIN}], 1, 60000) = 1 ([{fd=4, revents=POLLIN|POLLHUP}])
2622  read(4, "\1\0\0\0\212\23\0\0\0\0\0\0\4\0\0\0baduser\1\0\0\0*\361\3\0\0\2\0\0"..., 1024) = 57
2622  gettimeofday({1404702848, 323811}, NULL) = 0
2622  gettimeofday({1404702848, 323898}, NULL) = 0
2622  gettimeofday({1404702848, 323983}, NULL) = 0
2622  gettimeofday({1404702848, 324067}, NULL) = 0
2622  gettimeofday({1404702848, 324170}, NULL) = 0
2622  gettimeofday({1404702848, 324256}, NULL) = 0
2622  gettimeofday({1404702848, 324340}, NULL) = 0
2622  gettimeofday({1404702848, 324434}, NULL) = 0
2622  gettimeofday({1404702848, 324518}, NULL) = 0
2622  gettimeofday({1404702848, 324602}, NULL) = 0
2622  gettimeofday({1404702848, 324686}, NULL) = 0
2622  gettimeofday({1404702848, 324772}, NULL) = 0
2622  poll([{fd=4, events=POLLIN}], 1, 0) = 1 ([{fd=4, revents=POLLIN|POLLHUP}])
2622  read(4, "", 1024)                 = 0
2622  gettimeofday({1404702848, 325036}, NULL) = 0
2622  close(4)                          = 0
2622  umask(0777)                       = 027
2622  umask(07)                         = 0777
[...]

More info:

  • If I write "umask 0027" in /etc/profile, it works too!
  • If I delete the home directory and recreate it, the problem persists

Answer 1

The answer is:

man pam_umask
usergroups
    If the user is not root, and the user ID is equal to the group ID, and the
    username is the same as primary group name, the umask group bits are set to
    be the same as owner bits (examples: 022 -> 002, 077 -> 007). 

Man ...
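
An added example, not part of the original answer and not pam_umask's own code: a POSIX shell implementation of the usergroups rule as the quoted man page text describes it, with an audit over passwd/group-format data that lists the accounts whose umask the rule relaxes. The function names and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# usergroups rule per the man page text quoted above:
# non-root, UID == GID, user name == primary group name
#   => umask group bits are set to the same value as the owner bits.

# usergroups_umask BASE UID GID USER GROUP -> prints the resulting umask (octal)
usergroups_umask() {
    base=$((0$1)); uid=$2; gid=$3; user=$4; group=$5
    if [ "$uid" -ne 0 ] && [ "$uid" -eq "$gid" ] && [ "$user" = "$group" ]; then
        # clear the group bits (070), then copy the owner bits (0700) into them
        base=$(( (base & ~070) | ((base >> 3) & 070) ))
    fi
    printf '%03o\n' "$base"
}

# audit_usergroups BASE PASSWD_FILE GROUP_FILE
# Prints "user umask" for every account whose effective umask differs from BASE.
# On a live host, save `getent passwd` and `getent group` output to files first
# so that LDAP accounts are included.
audit_usergroups() {
    while IFS=: read -r name pw uid gid rest; do
        # resolve the primary group name from the GID
        group=$(awk -F: -v g="$gid" '$3 == g { print $1; exit }' "$3")
        mask=$(usergroups_umask "$1" "$uid" "$gid" "$name" "$group")
        [ "$mask" = "$(printf '%03o' "$((0$1))")" ] || echo "$name $mask"
    done < "$2"
}

# Constructed sample data (not from the page): only "baduser" has UID == GID
# and a primary group named after the user.
sample_audit() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0::/root:/bin/sh' \
        'baduser:x:2001:2001::/home/baduser:/bin/sh' \
        'gooduser:x:2002:100::/home/gooduser:/bin/sh' > "$tmp/passwd"
    printf '%s\n' 'root:x:0:' 'users:x:100:' 'baduser:x:2001:' > "$tmp/group"
    audit_usergroups 027 "$tmp/passwd" "$tmp/group"
    rm -rf "$tmp"
}

sample_audit
```

With UMASK 027 from /etc/login.defs, the rule yields 007 for such an account, matching the `umask(07)` call in the strace output. Where group-writable defaults are not wanted, the accounts listed by the audit are the ones affected by the `usergroups` option in /etc/pam.d/common-session.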
