Re: Umask


 



Hey thanks for the help!  That's exactly what I was looking for.

One thing interesting that I noticed though was that on one machine I have the umask is set to 022 when a user logs in. However, if a user logs into a different machine the umask is set to 0002 but, if they su to root (something I can't do on the other machine) the umask is set to 0022. Therefore, I may not have a problem on the second machine.

Although upon further investigation of the /etc/profile and the /etc/bashrc files I did notice slight differences in them with regards to the umask.

#Machine 1
if [ `id -gn` = `id -un` -a `id -u` -gt 99 ]; then
    umask 002
else
    umask 022
fi

#Machine 2
if [ "`id -gn`" = "`id -un`" -a `id -u` -gt 99 ]; then
    umask 002
else
    umask 022
fi

You'll notice the double quotes (") around 'id -gn' and 'id -un' in the if else statement of Machine 2. I wonder if this has some effect on the umask settings? It also makes me wonder if machine 1 is up to date with all its packages (I'm not the admin of Machine 1 so there's not much I can do about it).

At any rate, thanks for your help!

Fedora's default umask is set to 022.

Not normally for bash, no: see later.

I need it to be set to 002 so
that different users within the same group can ftp and download the
same file(s). However, I noticed that when I set the umask to 002 it
changes it system wide! I was wondering if this was a security risk?
My network admin wants us to ssh in, change the owner of the file using
the sudo chown command, download the file, then change the owner back.
I REALLY don't want to do this for every file that I want to work on.
There has to be a way to change this and I think umask is the way to do
it. The thing is I do not want to go changing the umask of the system
without knowing if it's secure or not.

Short answer: Should be OK if you stick to Red Hat's default User
Private Group scheme (where each user has their own default group, the
home directories are set to that user's private group group, if you want
multiple users in the same group you create another group for that
purpose, and you use a separate shared directory with the setguid bit
set to ensure that files created in that directory by default are
created with the directory's group). But I'm worried about exactly what
you're doing. How are you changing umask anyway? How are these files
being created?


You should, in any case, read
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/s1-users-groups-private-groups.html


and / or the earlier version of that document,

http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/ref-guide/s1-users-groups-private-groups.html

Note, too, that umask for bash shells is set in /etc/bashrc (at the
top): if you're using Red Hat style User Private Groups, the umask
should already be 002.

Hope this helps,

James.

--
James Wilkinson | "Does exactly what it says on the tin." ...
Exeter Devon UK | I've got a tin at home: it says "Open other end".
E-mail address: james | It never is.
@westexe.demon.co.uk | -- Humphrey Lyttelton, "I'm Sorry, I Haven't A Clue"



Jay Paulson
Web Design Specialist
Southwest Educational Development Laboratory
211 E. 7th St., Suite 200
Austin, TX 78701-3253
512-476-6861 (voice)
512-476-2286 (fax)
http://www.sedl.org
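
The umask test from /etc/bashrc and the setgid shared directory discussed in the message above, as an added shell example that is not part of the original post; the user, group and file names are constructed for illustration.

```shell
#!/bin/sh
# Added example; user, group and file names below are constructed.

# pick_umask UID USER GROUP: print the umask the quoted /etc/bashrc test selects.
# The operands are quoted, as on Machine 2, so an empty or space-containing
# name cannot break the [ ... ] expression; for ordinary names both forms agree.
pick_umask() {
    if [ "$3" = "$2" ] && [ "$1" -gt 99 ]; then
        echo 002
    else
        echo 022
    fi
}

# new_file_mode MASK: create a file under MASK inside a setgid (2775) directory
# and print its permission string. The subshell keeps the caller's umask intact.
new_file_mode() {
    dir=$(mktemp -d "${TMPDIR:-/tmp}/upg.XXXXXX") || return 1
    chmod 2775 "$dir"
    ( umask "$1" && : > "$dir/report.txt" )
    ls -l "$dir/report.txt" | cut -c1-10
    rm -rf "$dir"
}

# group_can_write MASK: succeed if files created under MASK are group-writable.
group_can_write() {
    case $(new_file_mode "$1") in
        ?????w????) return 0 ;;
        *) return 1 ;;
    esac
}

# Private group named after the user, non-system uid: 002
echo "uid 500 jay:jay    -> umask $(pick_umask 500 jay jay)"
# Primary group differs from the user name: 022
echo "uid 500 jay:users  -> umask $(pick_umask 500 jay users)"
# root matches on name but fails the uid test: 022
echo "uid 0   root:root  -> umask $(pick_umask 0 root root)"
echo "file under 002: $(new_file_mode 002)"
echo "file under 022: $(new_file_mode 022)"
```

In a real shared directory the group would be changed to the shared group with chgrp before setting mode 2775, so that new files inherit that group rather than the creator's private group.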

