Hello everyone
i still use rhel 9 beta i know i should use the release but if anyone running rhel 9
could check if the umask section of the \etc\profile\ exist or not?
cause it not exist in my rhel beta 9 and also if there some cases that make that part not be included could you mention that (not need all possible cases but if you bring one then it fine despite it cover my case or not)
thanks for your time and help and have a nice day 
When I installed the official a couple of days ago:
# /etc/profile
# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
# It's NOT a good idea to change this file unless you know what you
# are doing. It's much better to create a custom.sh shell script in
# /etc/profile.d/ to make custom changes to your environment, as this
# will prevent the need for merging in future updates.
pathmunge () {
case ":${PATH}:" in
*:"$1":*)
;;
*)
if [ "$2" = "after" ] ; then
PATH=$PATH:$1
else
PATH=$1:$PATH
fi
esac
}
if [ -x /usr/bin/id ]; then
if [ -z "$EUID" ]; then
# ksh workaround
EUID=`/usr/bin/id -u`
UID=`/usr/bin/id -ru`
fi
USER="`/usr/bin/id -un`"
LOGNAME=$USER
MAIL="/var/spool/mail/$USER"
fi
# Path manipulation
if [ "$EUID" = "0" ]; then
pathmunge /usr/sbin
pathmunge /usr/local/sbin
else
pathmunge /usr/local/sbin after
pathmunge /usr/sbin after
fi
HOSTNAME=$(/usr/bin/hostnamectl --transient 2>/dev/null) || \
HOSTNAME=$(/usr/bin/hostname 2>/dev/null) || \
HOSTNAME=$(/usr/bin/uname -n)
HISTSIZE=1000
if [ "$HISTCONTROL" = "ignorespace" ] ; then
export HISTCONTROL=ignoreboth
else
export HISTCONTROL=ignoredups
fi
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE HISTCONTROL
for i in /etc/profile.d/*.sh /etc/profile.d/sh.local ; do
if [ -r "$i" ]; then
if [ "${-#*i}" != "$-" ]; then
. "$i"
else
. "$i" >/dev/null
fi
fi
done
unset i
unset -f pathmunge
if [ -n "${BASH_VERSION-}" ] ; then
if [ -f /etc/bashrc ] ; then
# Bash login shells run only /etc/profile
# Bash non-login shells run only /etc/bashrc
# Check for double sourcing is done in /etc/bashrc.
. /etc/bashrc
fi
fi
that’s the complete content of the file.
thanks a lot @iwalker
mine is longer
i will report it and let you know how it ended
thanks again and have a nice day
Is there any chance that it could have been refactored into:
/etc/profile.d/*.sh
searched the folder but did not find any umask there also
Interesting. I did check CentOS 7, AlmaLinux 8, and AlmaLinux 9 beta.
On the two former distros both /etc/profile and /etc/bashrc do set umask.
In 9 beta only the /etc/bashrc does (and rpm -q --changelog -f /etc/profile is really short).
The RHEL 9 Release Notes do not contain word ‘umask’.
If RH has changed policy, then where is it documented?
On a (CentOS 7) system, where all accounts do not get the ‘002’ by default, I’ve overridden the default by:
$ cat files/umask.sh
if [ $UID -gt 999 ]; then
umask 002
else
umask 022
fi
that I have deployed with Ansible task:
- name: Copy {{ site_name }}-umask.sh
copy:
src: umask.sh
dest: /etc/profile.d/{{ site_name }}-umask.sh
when: use_umask002|default(false)|bool
That is, there is a workaround, if RH seems to take its time.
I see that you did report: 2089437 – missing umask in the /etc/profile
Someone made similar report in March: 2062601 – Incorrect umask settings for a normal user
A Fedora bug report is more explanatory: 1902166 – bashrc sets hardcoded umask
thanks for the info
so let us see how they update the doc maybe that explain what their plan
and have a nice day
Hello everyone
just wanted to metioned that today they updated the doc and for the bash login shell you can set the default umask in /etc/login.defs
as in the updated version of the doc here
as mentioned in the bug that @jlehtone mentioned above
and have a nice day everyone
OK, so does anyone know what the defaults are in RHEL9, and whether they’re any different to RHEL8?
AlmaLinux 9:
$ grep UMASK /etc/login.defs
# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
UMASK 022
# If HOME_MODE is not set, the value of UMASK is used to create the mode.
$ grep -B1 -A1 umask /etc/bashrc
# By default, we want umask to get set. This sets it for non-login shell.
# Current threshold for system reserved uid/gids is 200
--
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
umask 002
else
umask 022
fi
$ grep -B1 -A1 umask /etc/profile /etc/profile.d/*
AlmaLinux 8:
$ grep UMASK /etc/login.defs
# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
UMASK 022
# If HOME_MODE is not set, the value of UMASK is used to create the mode.
$ grep -B1 -A1 umask /etc/bashrc
# By default, we want umask to get set. This sets it for non-login shell.
# Current threshold for system reserved uid/gids is 200
--
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
umask 002
else
umask 022
fi
$ grep -B1 -A1 umask /etc/profile /etc/profile.d/*
/etc/profile-
/etc/profile:# By default, we want umask to get set. This sets it for login shell
/etc/profile-# Current threshold for system reserved uid/gids is 200
--
/etc/profile-if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
/etc/profile: umask 002
/etc/profile-else
/etc/profile: umask 022
/etc/profile-fi
Hello @gerry666uk
in short words to what @jlehtone shared the default are same they change only the file for setting it for login shell from profile to login.defs the non login shell file is same as rhel8 bashrc
and have a nice day everyone
Thanks for the detail and overview; this will help when moving to Rocky 9.x
you welcome and have a nice day