picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

man: rework UMask= explanation

Browse source 
Mention the JSON user record stuff. Mention pam_umask explicitly.
Mention that UMask= of the per-user user@.service instance can be used
too.

Fixes: #16963
This commit is contained in:
Lennart Poettering 2020-09-14 11:03:59 +02:00 committed by Zbigniew Jędrzejewski-Szmek
parent 2a03b9ed21
commit 60bcb45927
1 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
man/systemd.exec.xml
View file

@ -863,12 +863,17 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
<listitem><para>Controls the file mode creation mask. Takes an access mode in octal notation. See <listitem><para>Controls the file mode creation mask. Takes an access mode in octal notation. See
<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry> for <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
details. Defaults to 0022 for system units. For units of the user service manager the default value details. Defaults to 0022 for system units. For user units the default value is inherited from the
is inherited from the user instance (whose default is inherited from the system service manager, and per-user service manager (whose default is in turn inherited from the system service manager, and
thus also is 0022). Hence changing the default value of a user instance, either via thus typically also is 0022 — unless overriden by a PAM module). In order to change the per-user mask
<varname>UMask=</varname> or via a PAM module, will affect the user instance itself and all user for all user services, consider setting the <varname>UMask=</varname> setting of the user's
units started by the user instance unless a user unit has specified its own <filename>user@.service</filename> system service instance. The per-user umask may also be set via
<varname>UMask=</varname>.</para></listitem> the <varname>umask</varname> field of a user's <ulink url="https://systemd.io/USER_RECORD">JSON User
Record</ulink> (for users managed by
<citerefentry><refentrytitle>systemd-homed.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
this field may be controlled via <command>homectl --umask=</command>). It may also be set via a PAM
module, such as <citerefentry
project='man-pages'><refentrytitle>pam_umask</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para></listitem>
</varlistentry> </varlistentry>
<varlistentry> <varlistentry>