linux umask for sudo and apache
I solved my own problems.
For the sudo permissions, I executed sudo visudo
and added the line Defaults umask = 0002
to the end.
For the Apache user, I added the line umask 0002
to the end of the /etc/apache2/envvars
(I couldn't find any better solution).
Setting the umask of the Apache user
Apache inherits its umask
from its parent process (i.e. the process starting Apache); this should typically be the /etc/init.d/
script. So put a umask
command in that script.
Changing umask of apache on ArchLinux
After trying again, strangely editing the /etc/rc.d/httpd
file works.
Just put
umask 0002
Right after the #!/bin/bash
and everything works as it should.
No idea why it didn't work before, but well...
Set UMASK value only for non root users
You could just put umask 022
in your root's .profile
/.bashrc
and have 077 as a default in your /etc/login.defs
.
The umask
shell builtin makes the umask
system call which sets process-inheritable the umask
property: a umask call set in one process affects all descendants of that process (unless they themselves make a umask
call), so to set a umask
for "user", you need to call umask
in a process from which all user processes descend (the login shell and/or the shell through which sudo
commands are invoked).
How to set system wide umask?
Both Debian and Ubuntu ship with pam_umask. This allows you to configure umask in /etc/login.defs
and have them apply system-wide, regardless of how a user logs in.
To enable it, you may need to add a line to /etc/pam.d/common-session
reading
session optional pam_umask.so
or it may already be enabled. Then edit /etc/login.defs
and change the UMASK
line to
UMASK 002
(the default is 022
).
Note that users may still override umask in their own ~/.profile
or ~/.bashrc
or similar, but (at least on new Debian and Ubuntu installations) there shouldn't be any overriding of umask in /etc/profile
or /etc/bash.bashrc
. (If there are, just remove them.)
How to set umask for www-data user?
I hope this will work, Please try this way
Manually edit /etc/systemd/system/multi-user.target.wants/ php7.0-fpm.service
file and add UMask=0002
line inside [Service] section.
Previously, it was like this.
then
Run command systemctl daemon-reload
then
Run command systemctl restart php7.0-fpm.service
Now the service file looks like this:
[Unit]
Description = The PHP FastCGI Process Manager
After = network.target
[Service]
Type = notify
PIDFile = /var/run/php/php7.0-fpm.pid
ExecStartPre = /usr/lib/php/php7.0-fpm-checkconf
ExecStart = /usr/sbin/php-fpm7.0 --nodaemonize --fpm-config /etc/php/7.0/fpm/php-fpm.conf
ExecReload = /bin/kill -USR2 $MAINPID
; Added to set umask for files created by PHP
UMask = 0002
[Install]
WantedBy = multi-user.target
NB : You can not use systemctl
edit php7.0-fpm.service command as edit option was introduced in systemctl
version 218 but Debian 8 ships with version 215.
Related Topics
Resolving MAC Address for Ip Address Using C++ on Linux
Cache Coloring on Slab Memory Management in Linux Kernel
Make Bash Differentiate Between Ctrl-<Letter> and Ctrl-Shift-<Letter>
Alternative to Valgrind (Memcheck) for Finding Leaks on Linux
How to Delete All Files Starting with ._ from The Shell in Linux
How to Make Unix Binary Self-Contained
How Syscall Knows Where to Jump
Bash Script to Create Symbolic Links to Shared Libraries
Sleep in a While Loop Gets Its Own Pid
Grep and Sed with Spaces in Filenames
Would It Be Possible to Read Out Physical Keyboard Strokes in Node.Js
What Register State Is Saved on a Context Switch in Linux
Put Command Output into String
How to Write Kernel Space Memory (Physical Address) to a File Using O_Direct
Why Glibc Binary Is Called Libc.So.6 Not a Libc.So.1 or Libc.So.4