NIS: set default umask - Networking

This is a discussion on NIS: set default umask - Networking ; Good day to you all. Please forgive my ignorance in this matter, but I'd like to get some clarification regarding setting the default umask value for all Linux PCs in an NIS network. If I edit /var/yp/Makefile and input: UMASK ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: NIS: set default umask

  1. NIS: set default umask

    Good day to you all. Please forgive my ignorance in this matter, but
    I'd like to get some clarification regarding setting the default umask
    value for all Linux PCs in an NIS network.

    If I edit /var/yp/Makefile and input:
    UMASK = umask 022
    .... will that set the default umask for all users/systems on the NIS
    network?

    If so, is there anything that can override this setting on a per
    user/system basis?

    If so, is there anything else I can do to prevent the override?

    Thanks in advance. :-)

    - Ken

  2. Re: NIS: set default umask

    On Mar 7, 1:09*am, Ken Teague <"kteague at pobox dot com"> wrote:
    > If I edit /var/yp/Makefile and input:
    > * * UMASK = umask 022
    > ... will that set the default umask for all users/systems on the NIS
    > network?


    I'm guessing (since I don't have NIS on my machine) that that would
    set the umask for the NIS files only.


    > If so, is there anything that can override this setting on a per
    > user/system basis?


    Per system: look in /etc/profile.d and place a umask in the csh/sh
    files.


    > If so, is there anything else I can do to prevent the override?


    If you mean preventing a user from setting their own umask? Probably
    not.

    Paul

  3. Re: NIS: set default umask

    Paul Black wrote:
    > I'm guessing (since I don't have NIS on my machine) that that would
    > set the umask for the NIS files only.


    Gah! That's not what I want. :-( Maybe I should elaborate on my
    problem in more detail.

    We've got a NetApp filer that is exporting NFS and CIFS and the PC's
    that are accessing them are Windows and Linux systems. When a user on a
    Linux system creates a new file or directory, the umask is 002 and, as
    such, it's not accessible from a Windows box due to the permissions that
    are set on it.

    Previously, all of these files were on a Linux box running Samba, and
    they were owned by, say, userX:userX, and the permissions were set to
    rwx for user and group (umask 022). Just to make things easy (and the
    same as before), we'd like to make the default umask 022, and this
    includes any new Linux boxes that are introduced into the environment.
    Of course, setting this on each and every box is a pain. Also, if we
    forget to set that, it could lead to a lot of files being owned by an
    improper user:group and would be more of a pain to fix the problem it
    created.

    What is an elegant way to ensure all hosts (current and new) have a
    default umask of 022?


    >> If so, is there anything else I can do to prevent the override?

    >
    > If you mean preventing a user from setting their own umask? Probably
    > not.


    I was aiming more toward a local config file on the host PC overriding
    what we may be able to set the umask to via NIS (hope that makes sense
    :-). Again, using the "I forgot to modify the umask on this new PC"
    scenario.

    Thanks for the input, Paul.

    - Ken

  4. Re: NIS: set default umask

    On Mar 7, 7:02*am, Ken Teague <"kteague at pobox dot com"> wrote:
    > We've got a NetApp filer that is exporting NFS and CIFS and the PC's
    > that are accessing them are Windows and Linux systems. *When a user on a
    > Linux system creates a new file or directory, the umask is 002 and, as
    > such, it's not accessible from a Windows box due to the permissions that
    > are set on it.


    I don't follow that. I've just tried it at work and it's fine.

    I'm a little puzzled as what you're after seems to be a umask that
    turns off more permissions than the current setup so I don't yet
    understand why the file would be inaccessible for the more lax case.


    > Also, if we
    > forget to set that, it could lead to a lot of files being owned by an
    > improper user:group and would be more of a pain to fix the problem it
    > created.


    Where would this "improper" user:group would come from?

    Is it the same user name accessing via CIFS and NFS? (Or at least a
    CIFS user name mapped to the local user).

    Paul

  5. Re: NIS: set default umask

    Paul Black wrote:
    > On Mar 7, 7:02 am, Ken Teague <"kteague at pobox dot com"> wrote:
    >> When a user on a Linux system creates a new file or directory, the umask is 002 and, as
    >> such, it's not accessible from a Windows box due to the permissions that
    >> are set on it.

    >
    > I don't follow that. I've just tried it at work and it's fine.


    Sorry, I got my umask mixed up above. I meant to say 022. So, on the
    Linux side, when they create a new file or directory with a umask of
    022, only the user has access to it -- the group does not. On the
    Windows side, they need it to have group permission assigned to it as
    well in order to access said file.


    > I'm a little puzzled as what you're after seems to be a umask that
    > turns off more permissions than the current setup so I don't yet
    > understand why the file would be inaccessible for the more lax case.


    We need a way to set the default umask to 002 on all current and new PCs
    to 002, either through NIS or some configuration option that can be set
    on the NetApp filer to override the umask defined on the PCs.

    - Ken

+ Reply to Thread