From 1cca00f2377df8783445a31251d04393e7e6f070 Mon Sep 17 00:00:00 2001 From: Tommy Date: Wed, 29 May 2024 12:27:45 -0700 Subject: [PATCH] Better umask handling Signed-off-by: Tommy --- Fedora-Server-40.sh | 4 +++- Fedora-Workstation-40.sh | 4 +++- Ubuntu-23.10-Desktop.sh | 4 +++- Ubuntu-24.04-Server.sh | 6 ++++++ 4 files changed, 15 insertions(+), 3 deletions(-) diff --git a/Fedora-Server-40.sh b/Fedora-Server-40.sh index 82e1c39..9e1c1b2 100644 --- a/Fedora-Server-40.sh +++ b/Fedora-Server-40.sh @@ -33,8 +33,10 @@ sudo systemctl mask kdump.service # Setting umask to 077 umask 077 +sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs +sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs +sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc -echo 'umask 077' | sudo tee -a /etc/bashrc # Make home directory private sudo chmod 700 /home/* diff --git a/Fedora-Workstation-40.sh b/Fedora-Workstation-40.sh index f2e97da..bd4bc7c 100644 --- a/Fedora-Workstation-40.sh +++ b/Fedora-Workstation-40.sh @@ -50,8 +50,10 @@ sudo systemctl mask kdump.service # Setting umask to 077 umask 077 +sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs +sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs +sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs sudo sed -i 's/umask 022/umask 077/g' /etc/bashrc -echo 'umask 077' | sudo tee -a /etc/bashrc # Make home directory private sudo chmod 700 /home/* diff --git a/Ubuntu-23.10-Desktop.sh b/Ubuntu-23.10-Desktop.sh index 795ae7c..48fcb8a 100644 --- a/Ubuntu-23.10-Desktop.sh +++ b/Ubuntu-23.10-Desktop.sh @@ -49,7 +49,9 @@ sudo chmod 700 /home/* # Setting umask to 077 umask 077 -echo 'umask 077' | sudo tee -a /etc/bash.bashrc +sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs +sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs +sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs # Setup NTS sudo systemctl disable --now systemd-timesyncd diff --git a/Ubuntu-24.04-Server.sh b/Ubuntu-24.04-Server.sh index 448dbe2..13961e5 100644 --- a/Ubuntu-24.04-Server.sh +++ b/Ubuntu-24.04-Server.sh @@ -32,6 +32,12 @@ echo 'Authorized uses only. All activity may be monitored and reported.' | sudo # Make home directory private sudo chmod 700 /home/* +# Setting umask to 077 +umask 077 +sudo sed -i 's/^UMASK.*/UMASK 077/g' /etc/login.defs +sudo sed -i 's/^HOME_MODE/#HOME_MODE/g' /etc/login.defs +sudo sed -i 's/^USERGROUPS_ENAB.*/USERGROUPS_ENAB no/g' /etc/login.defs + # Setup NTS sudo systemctl disable --now systemd-timesyncd sudo systemctl mask systemd-timesyncd