<div dir="ltr"><div class="gmail_default" style="font-family:verdana,sans-serif">Hi Simo,</div><div class="gmail_default" style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" style="font-family:verdana,sans-serif">We are using "session optional <b>pam_oddjob_mkhomedir</b>.so umask=0077"</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><i style="font-size:12.8000001907349px"><span style="font-family:verdana,sans-serif">Best Regards,</span></i><br></div><div dir="ltr"><div style="font-size:12.8000001907349px"><div><i><span style="font-family:verdana,sans-serif">__________________________________________<br></span></i></div><i><span style="font-family:verdana,sans-serif">Yogesh Sharma<br></span></i></div><span style="font-size:12.8000001907349px;font-family:verdana,sans-serif"><i>Email: <a href="mailto:yks0000@gmail.com" target="_blank">yks0000@gmail.com</a> | Web: <span style="color:rgb(0,0,0)"><a href="http://www.initd.in/" target="_blank">www.initd.in</a> </span></i></span><br></div><div dir="ltr"><span style="font-size:12.8000001907349px;font-family:verdana,sans-serif"><i><span style="color:rgb(0,0,0)"><br></span></i></span></div><div><span style="font-size:12.8000001907349px;font-family:verdana,sans-serif"><i><span style="color:rgb(0,0,0)">RHCE, VCE-CIA, RACKSPACE CLOUD U Certified</span></i></span></div><div dir="ltr"><br></div><div dir="ltr"><a href="https://www.fb.com/yks0000" target="_blank"><img src="http://i.imgbox.com/ojTDSuw0.gif" alt=""></a> <a href="http://in.linkedin.com/in/yks0000" target="_blank"><img src="http://i.imgbox.com/fHLDBlyz.gif"></a> <a href="https://twitter.com/checkwithyogesh" target="_blank"><img src="http://i.imgbox.com/vTX3eOJ5.gif"></a> <a href="http://google.com/+YogeshSharmaOnGooglePlus" target="_blank"><img src="http://i.imgbox.com/W2bQouRN.gif"></a></div></div></div></div></div></div></div></div></div>
<br><div class="gmail_quote">On Mon, Aug 24, 2015 at 12:21 AM, Simo Sorce <span dir="ltr"><<a href="mailto:simo@redhat.com" target="_blank">simo@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Sun, 2015-08-23 at 12:06 +0530, Yogesh Sharma wrote:<br>
> Typo: Umask set is 0077, then the permission should be 700, though we are<br>
> getting 755.<br>
<br>
Where are you setting this mask ?<br>
And what pam helper do you use to create the home dirs ?<br>
pam_mkhomedir ? ot pam_oddjob_mkhomedir ?<br>
<br>
Simo.<br>
<br>
> *Best Regards,*<br>
><br>
> *__________________________________________*<br>
><br>
> *Yogesh Sharma*<br>
> *Email: <a href="mailto:yks0000@gmail.com">yks0000@gmail.com</a> <<a href="mailto:yks0000@gmail.com">yks0000@gmail.com</a>> | Web: <a href="http://www.initd.in" rel="noreferrer" target="_blank">www.initd.in</a><br>
> <<a href="http://www.initd.in/" rel="noreferrer" target="_blank">http://www.initd.in/</a>> *<br>
><br>
> *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*<br>
><br>
> <<a href="https://www.fb.com/yks0000" rel="noreferrer" target="_blank">https://www.fb.com/yks0000</a>> <<a href="http://in.linkedin.com/in/yks0000" rel="noreferrer" target="_blank">http://in.linkedin.com/in/yks0000</a>><br>
> <<a href="https://twitter.com/checkwithyogesh" rel="noreferrer" target="_blank">https://twitter.com/checkwithyogesh</a>><br>
> <<a href="http://google.com/+YogeshSharmaOnGooglePlus" rel="noreferrer" target="_blank">http://google.com/+YogeshSharmaOnGooglePlus</a>><br>
><br>
> On Sun, Aug 23, 2015 at 12:00 PM, Yogesh Sharma <<a href="mailto:yks0000@gmail.com">yks0000@gmail.com</a>> wrote:<br>
><br>
> > Hi,<br>
> ><br>
> > FreeIPA users are getting their home directory with default permission of<br>
> > 755 instead of 700.<br>
> ><br>
> > I have checked the pam.d configuration and the umask set there for<br>
> > mkhomedir.so is 0700, however home dir permission are not according to this.<br>
> ><br>
> > Is there somewhere else we need to add the umask to make it 700. Please<br>
> > suggest.<br>
> ><br>
> > *Best Regards,*<br>
> ><br>
> > *__________________________________________*<br>
> ><br>
> > *Yogesh Sharma*<br>
> > *Email: <a href="mailto:yks0000@gmail.com">yks0000@gmail.com</a> <<a href="mailto:yks0000@gmail.com">yks0000@gmail.com</a>> | Web: <a href="http://www.initd.in" rel="noreferrer" target="_blank">www.initd.in</a><br>
> > <<a href="http://www.initd.in/" rel="noreferrer" target="_blank">http://www.initd.in/</a>> *<br>
> ><br>
> > *RHCE, VCE-CIA, RACKSPACE CLOUD U Certified*<br>
> ><br>
> > <<a href="https://www.fb.com/yks0000" rel="noreferrer" target="_blank">https://www.fb.com/yks0000</a>> <<a href="http://in.linkedin.com/in/yks0000" rel="noreferrer" target="_blank">http://in.linkedin.com/in/yks0000</a>><br>
> > <<a href="https://twitter.com/checkwithyogesh" rel="noreferrer" target="_blank">https://twitter.com/checkwithyogesh</a>><br>
> > <<a href="http://google.com/+YogeshSharmaOnGooglePlus" rel="noreferrer" target="_blank">http://google.com/+YogeshSharmaOnGooglePlus</a>><br>
> ><br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
--<br>
Simo Sorce * Red Hat, Inc * New York<br>
<br>
</font></span></blockquote></div><br></div>