Report forwarded to debian-bugs-dist@lists.debian.org, Ryan Murray <rmurray@debian.org>: Bug#336214; Package gdm.
(full text, mbox, link).
Acknowledgement sent to Benoît Dejean <benoit@placenet.org>:
New Bug report received and forwarded. Copy sent to Ryan Murray <rmurray@debian.org>.
(full text, mbox, link).
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gdm ignores user and system umask settings
Date: Fri, 28 Oct 2005 18:55:14 +0200
Package: gdm
Version: 2.6.0.8-1
Severity: normal
Hi,
it looks like gdm ignores both system-wide umask settings
(from /etc/login.defs) and user settings (in ~/.<myshell>rc/profile file).
This is surpringly dangerous. Then desktop application uses gdm default 022
as umask. I think this has to be fixed upstream but if this bug is confirmed,
i think users need to be aware of this problem and use workaround if needed.
Thanks.
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-powerpc
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_FR.UTF-8)
Versions of packages gdm depends on:
ii adduser 3.77 Add and remove users and groups
ii debconf 1.4.58 Debian configuration management sy
ii dpkg 1.13.11 package maintenance system for Deb
ii gksu 1.3.6-1 graphical frontend to su
ii gnome-session 2.10.0-8 The GNOME 2 Session Manager
ii gnome-terminal [x-termina 2.10.0-3 The GNOME 2 terminal emulator appl
ii libart-2.0-2 2.3.17-1 Library of functions for 2D graphi
ii libatk1.0-0 1.10.3-1 The ATK accessibility toolkit
ii libattr1 2.4.25-1 Extended attribute shared library
ii libbonobo2-0 2.10.1-1 Bonobo CORBA interfaces library
ii libbonoboui2-0 2.10.1-1 The Bonobo UI library
ii libc6 2.3.5-7 GNU C Library: Shared libraries an
ii libgconf2-4 2.10.1-6 GNOME configuration database syste
ii libglade2-0 1:2.5.1-2 library to load .glade files at ru
ii libglib2.0-0 2.8.3-1 The GLib library of C routines
ii libgnome2-0 2.10.1-1 The GNOME 2 library - runtime file
ii libgnomecanvas2-0 2.10.2-2 A powerful object-oriented display
ii libgnomeui-0 2.10.1-1 The GNOME 2 libraries (User Interf
ii libgnomevfs2-0 2.10.1-5 The GNOME virtual file-system libr
ii libgtk2.0-0 2.6.10-1 The GTK+ graphical user interface
ii libice6 6.8.2.dfsg.1-9 Inter-Client Exchange library
ii liborbit2 1:2.12.4-1 libraries for ORBit2 - a CORBA ORB
ii libpam-modules 0.79-3 Pluggable Authentication Modules f
ii libpam-runtime 0.79-3 Runtime support for the PAM librar
ii libpam0g 0.79-3 Pluggable Authentication Modules l
ii libpango1.0-0 1.8.2-3 Layout and rendering of internatio
ii libpopt0 1.7-5 lib for parsing cmdline parameters
ii librsvg2-2 2.9.5-4 SAX-based renderer library for SVG
ii libselinux1 1.26-1 SELinux shared libraries
ii libsm6 6.8.2.dfsg.1-9 X Window System Session Management
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii libx11-6 6.8.2.dfsg.1-9 X Window System protocol client li
ii libxext6 6.8.2.dfsg.1-9 X Window System miscellaneous exte
ii libxi6 6.8.2.dfsg.1-9 X Window System Input extension li
ii libxml2 2.6.22-1 GNOME XML library
ii metacity [x-window-manage 1:2.10.3-2 A lightweight GTK2 based Window Ma
ii xbase-clients 6.8.2.dfsg.1-9 miscellaneous X clients
ii xlibs 6.8.2.dfsg.1-9 X Window System client libraries m
ii xterm [x-terminal-emulato 6.8.2.dfsg.1-9 X terminal emulator
ii zlib1g 1:1.2.3-6 compression library - runtime
Versions of packages gdm recommends:
ii dialog 1.0-20051005-1 Displays user-friendly dialog boxe
ii whiptail 0.51.6-31 Displays user-friendly dialog boxe
ii zenity 2.10.1-1 Display graphical dialog boxes fro
-- debconf information:
gdm/daemon_name: /usr/bin/gdm
* shared/default-x-display-manager: gdm
Information forwarded to debian-bugs-dist@lists.debian.org, Ryan Murray <rmurray@debian.org>: Bug#336214; Package gdm.
(full text, mbox, link).
Acknowledgement sent to Sam Morris <sam@robots.org.uk>:
Extra info received and forwarded to list. Copy sent to Ryan Murray <rmurray@debian.org>.
(full text, mbox, link).
Subject: re: gdm ignores user and system umask settings
Date: Sat, 29 Apr 2006 01:23:15 +0100
severity 336214 minor
thanks
I think that /etc/login.defs is only (reliably) processed by login. Most
of the options are being replaced by PAM modules, which will work for
any PAM-enabled application.
As for /etc/profile and ~/.profile, these are read by login shells, not
GDM.
You can set your umask with the following methods:
1. system-wide: use the libpam-umask package [0]
2. system-wide: call umask from a script in /etc/X11/Xsession.d
3. system-wide: call umask from /etc/gdm/Xsession
4. user-specific: call umask from ~/.gdmrc [1]
[0] currently doesn't work with GDM; see #314791 and #321620
[1] only processed if logging into GNOME,
see /etc/X11/Xsession.d/55gnome-session_gnomerc
--
Sam Morris
http://robots.org.uk/
PGP key id 5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
Severity set to `minor'.
Request was from Sam Morris <sam@robots.org.uk>
to control@bugs.debian.org.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Ryan Murray <rmurray@debian.org>: Bug#336214; Package gdm.
(full text, mbox, link).
Acknowledgement sent to Wouter Verhelst <wouter@grep.be>:
Extra info received and forwarded to list. Copy sent to Ryan Murray <rmurray@debian.org>.
(full text, mbox, link).
severity 336214 normal
thanks
This bug really is a gdm bug, in that it overrides (rather than ignores)
configuration values, so I'm setting this at important instead of
"minor" (it would be minor or wishlist in case it fails to read
configuration outside of /etc/gdm, but as outlined below, that's not the
issue). I've been thinking of raising this to RC severity, but that may
be overdoing it; I'll leave that to your prerogative.
I have a system set up with pam_umask in common-session; yet after
logging in with gdm, umask is set to 0022. The reason isn't hard to
find; grepping through the gdm source code reveals several instances of
hard-coded "umask (022);", which destroys everything that may have been
set up through PAM or otherwise.
Workaround: set the umask in /etc/gdm/Init/Default. Doing this in
scripts in /etc/gdm/PostLogin, .../PostSession, and the script
/etc/gdm/Xsession will fail, because gdm still will muck with those
settings afterwards.
--
<Lo-lan-do> Home is where you have to wash the dishes.
-- #debian-devel, Freenode, 2004-09-22
Severity set to `normal' from `minor'
Request was from Wouter Verhelst <wouter@grep.be>
to control@bugs.debian.org.
(full text, mbox, link).
Tags removed: pending
Request was from Sam Morris <sam@robots.org.uk>
to control@bugs.debian.org.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Ryan Murray <rmurray@debian.org>: Bug#336214; Package gdm.
(full text, mbox, link).
Acknowledgement sent to John Winters <john@sinodun.org.uk>:
Extra info received and forwarded to list. Copy sent to Ryan Murray <rmurray@debian.org>.
(full text, mbox, link).
The workaround suggested for this bug of putting the umask setting
in /etc/gdm/Init/Default doesn't work. Hardly surprising really as that
script ends with an "exit 0" line, so whatever instance of the shell was
executing it dies, and the modified umask dies with it.
The workaround which actually works is to put the umask specification
in /etc/gdm/Xsession, as suggested in bug #314791. I put it just after
the "Beginning session setup..." message so that it would affect as much
as possible, and it doesn't seem to get messed up again by gdm.
This is a horrible bug. I've spent half today re-discovering it. Once
you've worked out that it's gdm doing the dirty deed it's easy to find
previous records, but until that particular piece of information falls
into place it's a stinker. I hate to think how many other people have
wasted that much time on it.
--
Added tag(s) fixed-upstream.
Request was from bts-link-upstream@lists.alioth.debian.org
to control@bugs.debian.org.
(Mon, 07 Jun 2010 16:36:15 GMT) (full text, mbox, link).
Version: 2.20.11-4+rm
gdm was last released with Debian 6.0 (squeeze) in
February 2011 and removed from Debian sid/unstable in 2011 (see
http://bugs.debian.org/613491 for details on the removal). Since
support for squeeze and squeeze-LTS has now ended, I'm closing all the
remaining bugs reported against this package.
Andreas
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 01 Aug 2016 07:29:54 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.