Bug 69783 - useradd creates homedirs with 755 - should rather be 700
Summary: useradd creates homedirs with 755 - should rather be 700
Status: VERIFIED WORKSFORME
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Core system
Hardware: All Linux
Importance: High normal
Assignee: Gentoo's Team for Core System packages
Duplicates: 69784 71347 91166 179319
Reported: 2004-11-01 17:28 UTC by Sebastian
Modified: 2007-05-21 17:53 UTC (History)

Attachments
patch to fix (shadow-4.0.5-remove-insecure-homedircreating.patch,336 bytes, patch)
2005-05-02 09:24 UTC, Eero Volotinen

Description Sebastian 2004-11-01 17:28:11 UTC
Hello,

when using for instance

useradd jack -m -G users,wheel,audio -s /bin/bash

the homedir /home/jack gets the permissions 755. This is totally wrong. Can this be fixed?

Reproducible: Always
Steps to Reproduce:
1.
2.
3.




emerge info
Portage 2.0.51-r2 (default-x86-2004.2, gcc-3.3.4, glibc-2.3.4.20040808-r1, 2.6.9
i686)
=================================================================
System uname: 2.6.9 i686 Intel(R) Pentium(R) M processor 1400MHz
Gentoo Base System version 1.4.16
distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled]
Autoconf: sys-devel/autoconf-2.59-r5
Automake: sys-devel/automake-1.8.5-r1
Binutils: sys-devel/binutils-2.14.90.0.8-r1
Headers:  sys-kernel/linux26-headers-2.6.8.1
Libtools: sys-devel/libtool-1.5.2-r5
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O2 -march=pentium3 -msse2 -fomit-frame-pointer -pipe"
CHOST="i686-pc-linux-gnu"
COMPILER=""
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config
/usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown
/usr/kde/3/share/config /usr/lib/mozilla/defaults/pref /usr/share/config
/usr/share/texmf/dvipdfm/config/ /usr/share/texmf/dvips/config/
/usr/share/texmf/tex/generic/config/ /usr/share/texmf/tex/platex/config/
/usr/share/texmf/xdvi/ /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-O2 -march=pentium3 -msse2 -fomit-frame-pointer -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache distcc distlocks sandbox"
GENTOO_MIRRORS="ftp://sunsite.informatik.rwth-aachen.de/pub/Linux/gentoo"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.informatik.rwth-aachen.de/gentoo-portage"
USE="X acpi alsa bitmap-fonts bonobo crypt cups foomaticdb gnome gtk gtk2
ithreads jpeg mmx moznocompose moznoirc mozsvg ncurses nls nodrm oggvorbis pam
png ppds qt readline spell sse sse2 ssl tetex truetype unicode x86 xprint zlib"
Comment 1 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2004-11-01 18:16:03 UTC
*** Bug 69784 has been marked as a duplicate of this bug. ***
Comment 2 SpanKY gentoo-dev 2004-11-01 18:27:07 UTC
it's supposed to be like that

from shadow's useradd.c source:
/*
 * create_home - create the user's home directory
 *
 *  create_home() creates the user's home directory if it does not
 *  already exist. It will be created mode 755 owned by the user
 *  with the user's default group.
 */
Comment 3 Sebastian 2004-11-01 22:09:53 UTC
Well, but you see my point, right? And I am sure it wasn't always this way, because I remember not being able to look into another user's dir some time ago. These directories are considered to be private. No other individual other than BOFH should be able to go into them.

Well, maybe I see things wrong. But I like to think I'm not.

Regards

Sebastian
Comment 4 SpanKY gentoo-dev 2004-11-01 22:17:05 UTC
yes i see the point, but it's not a bug in the code ;)

i'll e-mail upstream and see how they feel about changing the default
Comment 5 Rajiv Aaron Manglani (RETIRED) gentoo-dev 2004-11-15 19:07:47 UTC
*** Bug 71347 has been marked as a duplicate of this bug. ***
Comment 6 Jakub Moc (RETIRED) gentoo-dev 2005-05-02 06:44:20 UTC
*** Bug 91166 has been marked as a duplicate of this bug. ***
Comment 7 Eero Volotinen 2005-05-02 07:24:00 UTC
why? This is complete fuckup?

Comment 8 Eero Volotinen 2005-05-02 09:24:53 UTC
Created attachment 57847
patch to fix

patch to fix
Comment 9 Ciaran McCreesh 2005-05-02 09:32:07 UTC
755 is correct.
Comment 10 Eero Volotinen 2005-05-02 09:32:51 UTC
http://pronics.fi/~eero/mirrors/shadow-fixes.tar.bz2

contains my ebuild to fix problem.
Comment 11 Eero Volotinen 2005-05-02 09:34:12 UTC
Well. It is correct, but _insecure_ way. If this is not fixed by coder then it should be fixed by vendor patch (Gentoo)
Comment 12 Ciaran McCreesh 2005-05-02 09:38:16 UTC
Insecure? Hardly. It's a sane default. If you don't like it, change it manually.
Comment 13 Eero Volotinen 2005-05-02 09:42:05 UTC
How about making it configurable? 
Comment 14 Jakub Moc (RETIRED) gentoo-dev 2005-05-02 12:34:07 UTC
Comment #13: Use app-admin/superadduser and configure it there. IIRC it has 711 as default. Also, it is pretty much configurable with chmod. ;-)
Comment 15 Jakub Moc (RETIRED) gentoo-dev 2007-05-21 17:53:16 UTC
*** Bug 179319 has been marked as a duplicate of this bug. ***
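
Added example, not part of the bug report and not code from shadow or Gentoo: a shell audit for the chmod route suggested in Comment 14, which lists home directories looser than a chosen policy (700, or 711 with a mask of 066) and tightens them. The function names, the sample users and the temporary directory standing in for /home are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit home directory modes and tighten them with chmod.

# mode_of DIR: print DIR's octal permission bits (GNU stat, then BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# audit_homes BASE [MASK]: print "MODE PATH" for each directory directly under
# BASE whose mode has any bit of MASK set. The default 077 flags everything
# looser than 700; 066 tolerates 711 (traverse only, no listing).
audit_homes() {
    mask=${2:-077}
    for d in "$1"/*; do
        if [ -L "$d" ] || [ ! -d "$d" ]; then
            continue            # skip symlinks and non-directories
        fi
        m=$(mode_of "$d")
        if [ $(( 0$m & 0$mask )) -ne 0 ]; then
            printf '%s %s\n' "$m" "$d"
        fi
    done
}

# tighten_homes BASE [MODE]: chmod every directory audit_homes flags (default 700).
tighten_homes() {
    audit_homes "$1" | while read -r _mode path; do
        chmod "${2:-700}" "$path"
    done
}

# make_sample_tree: build constructed sample homes in a temp dir, print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/alice" "$t/bob" "$t/carol"
    chmod 755 "$t/alice"    # what useradd -m produced in this bug
    chmod 711 "$t/bob"      # default Comment 14 attributes to superadduser
    chmod 700 "$t/carol"    # what the reporter asked for
    printf '%s\n' "$t"
}

demo=$(make_sample_tree)
audit_homes "$demo"         # lists alice (755) and bob (711)
tighten_homes "$demo" 700
audit_homes "$demo"         # lists nothing once every home is 700
rm -rf "$demo"
```

Against a real system, run `audit_homes /home` first and review the list before calling `tighten_homes`, since some accounts (for example ones serving a public_html directory) may rely on the looser mode.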