Closed
Description
Reference: http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html
My current install has this in /etc/profile:
# The default umask is now handled by pam_umask.
# See pam_umask(8) and /etc/login.defs.
And, indeed /etc/profile has UMASK> > 022, but:
simon@QOF:~$ umask
0000
The effect of this is that new files are created with 666 and dirs with 777 permissions:
simon@QOF:~$ touch file
simon@QOF:~$ mkdir dir
simon@QOF:~$ ll -d file dir
drwxrwxrwx 2 simon simon 0 May 12 22:54 dir/
-rw-rw-rw- 1 simon simon 0 May 12 22:54 file
This mostly isn't a real problem since UoW doesn't have to care about multiple users, it largely shows up as ls showing dirs with an ugly green background, but it could freak out some tools, similar to ssh wanting 600 on your private keys.
Simplest fix would probably be to dump a umask 022 in /etc/profile, but it seems there's a bunch of stuff in that /etc/login.defs
Easy workaound is to add a umask to your ~/.bashrc
Metadata
Metadata
Assignees
Type
Projects
Milestone
Relationships
Development
No branches or pull requests
Participants
Activity
simonbuchan commentedon May 13, 2016
May be somewhat related to #167 ,
/etc/profileis supposed to be read if bash is a login shell - but evenbash.exe --logindoesn't seem to usepam_umaskbenhillis commentedon May 13, 2016
@simonbuchan Thanks for reporting this. I think there are a couple things going on here. I verified that when bash.exe --login is launched /bin/bash does read from /etc/profile. I dumped my default /etc/profile and noticed a comment that:
When you run "bash.exe --login" that translates into "/bin/bash --login". We don't run the /bin/login binary and I'm assuming that's what normally sets up pam_umask. Did you try adding a new umask to value to your /etc/profile? It should work (when using bash.exe --login).
simonbuchan commentedon May 13, 2016
Yep,
umaskin both/etc/profileand~/.profilerun with bothbash.exe --loginandbash -c "bash --login".Interestingly, if I revert the
umaskcommand and dobash.exe -c "sudo login"thenumaskis0002- no idea where that is coming from!0xMF commentedon May 26, 2016
Please ensure umask is never 0000 no matter how bash is started.
I understand users can set umask to saner defaults in their own bashrc files but it means whatever directories and files auto-installed by scripts after WSL setup and user first bash run till the bad umask was discovered now have to be changed to sane defaults. This is exacerbated in git-based repos because git will track the change of perms to saner defaults as a (needless) change thereby status of git repo becomes dirty which simply put is both: confusing and annoying.
simonbuchan commentedon May 26, 2016
@0xMF don't worry, git only tracks +x, and the .bashrc changes are mentioned as a workaround
neurogenesis commentedon Oct 16, 2016
This also causes problems for zsh (compinit/compaudit). If you use a tool like antigen the directory permissions will throw shell errors when compinit/compaudit (command completion) is loaded.
Essentially any tool that performs basic checking for "other" write/read permissions will fail.
For anyone else trying to use dropbox, careful with symlinks to the windows
/mnt/c/.... You'll likely run into a lot of problems. Unfortunately, dropbox for linux doesn't work yet either (because of the /proc/vmstat issue: #1071 ).zhangxj5 commentedon Oct 23, 2016
Hello, It's very strange. If I run ./configure, I found that the Makefile in the dir and sub dir only has permission rw no x. So some middle product didn't output, ./configure is right, but can't do make.
It's a big problem.
zhangxj5 commentedon Oct 24, 2016
/usr/bin/m4: m4_esyscmd subprocess failed: Operation not permitted
/usr/bin/m4:configure.ac:489: cannot run command `./scripts/version.sh': Operation not permitted
carlpaten commentedon Dec 1, 2016
I have put this in my
~/.profilein the meantime:@benhillis: if you have time to entertain my curiosity - is there a particular reason you don't run /bin/login?
86 remaining items