Bug 55944 – Posix Permission for /home/<username | umask is not configurable

Bug 55944 - Posix Permission for /home/<username | umask is not configurable


Summary:	Posix Permission for /home/<username \| umask is not configurable

Status:	NEW

Product:	UCS
Classification:	Unclassified
Component:	UCR
Version:	UCS 5.0
Hardware:	Other Linux

Importance:	P5 normal with 2 votes (vote)
Target Milestone:	---
Assigned To:	UCS maintainers
QA Contact:	UCS maintainers

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2023-04-04 18:13 CEST by Mirac Erdemiroglu
Modified:	2023-12-07 10:19 CET (History)
CC List:	3 users (show)

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	2: Improvement: Would be a product improvement
Who will be affected by this bug?:	3: Will affect average number of installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.069
Enterprise Customer affected?:	Yes
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2023033121000765, 2023110721000223
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mirac Erdemiroglu

2023-04-04 18:13:12 CEST

The Posix Permission for /home/<username is not configurable via UCRV.
Default is 755, it would be good to make it configurable.

A workaround is to edit the umask in this file
/etc/univention/templates/files/etc/pam.d/common-session.d/10univention-pam_common

and this sentence
print('session    required   pam_mkhomedir.so skel=/etc/skel umask=0077')

then a
ucr commit /etc/pam.d/common-session

so the user get a 700 posix permission.

Comment 1 Finn David

2023-12-07 10:19:50 CET

We have another customer who wants to change the umask and is a bit irritated that we haven't fixed it yet.