1 <?xml version="1.0" encoding='UTF-8'?>
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
3 "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
5 <refentry id="pam_umask">
8 <refentrytitle>pam_umask</refentrytitle>
9 <manvolnum>8</manvolnum>
10 <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
13 <refnamediv id="pam_umask-name">
14 <refname>pam_umask</refname>
15 <refpurpose>PAM module to set the file mode creation mask</refpurpose>
19 <cmdsynopsis id="pam_umask-cmdsynopsis">
20 <command>pam_umask.so</command>
31 umask=<replaceable>mask</replaceable>
36 <refsect1 id="pam_umask-description">
38 <title>DESCRIPTION</title>
41 pam_umask is a PAM module to set the file mode creation mask
42 of the current environment. The umask affects the default
43 permissions assigned to newly created files.
46 The PAM module tries to get the umask value from the
47 following places in the following order:
56 umask= entry of the users GECOS field
61 pri= entry of the users GECOS field
66 ulimit= entry of the users GECOS field
71 UMASK= entry from /etc/default/login
76 UMASK entry from /etc/login.defs
84 <refsect1 id="pam_umask-options">
86 <title>OPTIONS</title>
92 <option>debug</option>
96 Print debug information.
103 <option>silent</option>
107 Don't print informative messages.
114 <option>usergroups</option>
118 If the user is not root, and the user ID is equal to the
119 group ID, and the username is the same as primary group name,
120 the umask group bits are set to be the same as
121 owner bits (examples: 022 -> 002, 077 -> 007).
128 <option>umask=<replaceable>mask</replaceable></option>
132 Sets the calling process's file mode creation mask (umask)
133 to <option>mask</option> & 0777. The value is interpreted
144 <refsect1 id="pam_umask-types">
145 <title>MODULE TYPES PROVIDED</title>
147 Only the <option>session</option> type is provided.
151 <refsect1 id='pam_umask-return_values'>
152 <title>RETURN VALUES</title>
157 <term>PAM_SUCCESS</term>
160 The new umask was set successfully.
166 <term>PAM_SERVICE_ERR</term>
169 No username was given.
175 <term>PAM_USER_UNKNOWN</term>
187 <refsect1 id='pam_umask-examples'>
188 <title>EXAMPLES</title>
190 Add the following line to <filename>/etc/pam.d/login</filename> to
191 set the user specific umask at login:
193 session optional pam_umask.so umask=0022
198 <refsect1 id='pam_umask-see_also'>
199 <title>SEE ALSO</title>
202 <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum>
205 <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum>
208 <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum>
213 <refsect1 id='pam_umask-author'>
214 <title>AUTHOR</title>
216 pam_umask was written by Thorsten Kukuk <kukuk@thkukuk.de>.