diff options
Diffstat (limited to 'source/a/shadow/login.defs')
| -rw-r--r-- | source/a/shadow/login.defs | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/source/a/shadow/login.defs b/source/a/shadow/login.defs index 0e137a35a..022dd36fb 100644 --- a/source/a/shadow/login.defs +++ b/source/a/shadow/login.defs @@ -190,15 +190,23 @@ ERASECHAR 0177 KILLCHAR 025 #ULIMIT 2097152 -# Default initial "umask" value. -# UMASK is also used by useradd and newusers to set the mode of new home -# directories. +# +# Default initial "umask" value used by login(1) on non-PAM enabled systems. +# Default "umask" value for pam_umask(8) on PAM enabled systems. +# UMASK is also used by useradd(8) and newusers(8) to set the mode for new +# home directories if HOME_MODE is not set. # 022 is the default value, but 027, or even 077, could be considered -# better for privacy. There is no One True Answer here: each sysadmin -# must make up her mind. +# for increased privacy. There is no One True Answer here: each sysadmin +# must make up their mind. UMASK 022 # +# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new +# home directories. +# If HOME_MODE is not set, the value of UMASK is used to create the mode. +#HOME_MODE 0700 + +# # Password aging controls: # # PASS_MAX_DAYS Maximum number of days a password may be used. |