4

I know there's a ton of questions about this topic but I'm not being able to find the right answer. I have GNOME Version 3.22.2 running on a Debian GNU/Linux 9 (stretch) 64-bit.

The problem:

I'm trying to set up a shared folder (say thefolder) such that multiple users of a group (say thegroup) on the same machine can work on it. To do that I changed the ownership of the folder to thegroup and set the setgid bit of the folder.

$ ls -l
drwxrwsr-x 6 me thegroup 4096 Oct  1 20:29 thefolder

The only problem now is that the default umask in Debian is 0022 and this prevents other users to write on any subfolders or files that I create on thefolder.

What I've done so far:

  1. My first (naive) try was to set the umask in one of the shell configuration files. I added the line

    umask 0002

    in all of the files /etc/profile, /etc/bash.bashrc, ~/.profile and ~/.bashrc (each one at a time obviously) until I realized that this worked only for the shell (GNOME Terminal and TTYs) but not for other applications like Files or Gedit. I then deleted all these lines and tried something else.

  2. I added the line

    session optional pam_umask.so usergroups

    at the end of the file /etc/pam.d/common-session and restarted the computer. It is worth noting at this point that the options UMASK 022 and USERGROUPS_ENAB yes are both enabled in the /etc/login.defs file. Having done that I noticed that the umask was correctly set as 0002 for TTYs but not for the GNOME session (the GNOME Terminal and all other programs accessed through the graphical interface still worked with a 0022 umask)

  3. After that I tried to set the umask in the Xsession script of the GNOME Display Manager. I wrote the line 

    umask 0002

    at the begining of the file /etc/gdm3/Xsession but the problem persisted. I made a little experiment and wrote instead the following line 

    echo "umask: $(umask)" > $HOME/Desktop/debug

    and after log out and log in again the debug file contained the line

    umask: 0002

    which means that at that point the umask was still correct and that it is overwritten somewhere else after the Xsession script.

The question

Can someone explain to me where is the umask for the GNOME session defined and how can I change it?

eciii
  • 243
  • The issue is explained in my answer. When systemd --user is used to launch applications in Gnome, the umask gets overwritten (bug reports for systemd and gnome). For applications which are not launched by systemd --user, the configured umask(s) work as expected. I am not aware of any workaround (unless you consider writing your own patch to systemd as one). – sebasth Oct 03 '17 at 16:09
  • @sebasth thanks for the answer. I'll keep track of that issue. You can write a full answer instead of a comment and I'll mark it as answer to this question. – eciii Oct 03 '17 at 16:16
  • @sebasth If this is a systemd issue I wonder why it works for other distributions like fedora... – eciii Oct 03 '17 at 16:17
  • Answering known duplicate questions is discouraged to keep all the answers in same place. Have you actually verified that this works on Fedora, or do you have some (recent) source (also note that for applications which are not launched by systemd --user the umask is set correctly)? In such case I would be interested too to find out how come it works there. – sebasth Oct 03 '17 at 16:22
  • I just read the whole GNOME bug report and it quite goes beyond my scope of knowldege. I don't have any technical discussion at hand that supports that the bug doesn't appear in fedora. I just know that fedora works smoothly with a 0002 umask. I'll try to dig deeper into this issue but this will take some time. – eciii Oct 03 '17 at 16:49
  • I expanded my answer in the other question with details how to investigate this issue. – sebasth Oct 03 '17 at 16:55
  • If your question is not a dupe (i.e. the answers on the dupe don't solve your problem), then explain why they don't answer. Make the difference clear. – peterh Oct 03 '17 at 17:42

0 Answers0