Hello,
I'm following the Rapid Track course. In the lab: Control Access to file, we are expected to have a 0002 umask as every user except root. But when you are logged in as root (as asked in the lab, using sudo -i) and you switch to a user (say student) using su - student, student will have the root umask (0022) and not the standard user umask (0002) as stated in /etc/bashrc. There is no umask command in the .bashrc or .bash_profile of the student user. Is this normal? Why does the lab ask me to log in as root and then switch user using su?
Proof:
Hi @robinem,
Yes, what you are stating seems right.
I will flag this and see if this needs rectification.
I have no access to the training course, but from your description it seems you are facing the differences between login shells and non-login shells. If you look at /etc/profile, you'll see a snippet like:
----
if [ $UID -gt 199 ] && [ "`/usr/bin/id -gn`" = "`/usr/bin/id -un`" ]; then
    umask 002
else
    umask 022
fi
----
This file is only executed on a non-login shell, e.g.:
----
[cloud-user@umask ~]$ id
uid=1000(cloud-user) gid=1000(cloud-user) groups=1000(cloud-user),4(adm),190(systemd-journal) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[cloud-user@umask ~]$ umask # just connected to the system via ssh.
0022
[cloud-user@umask ~]$ bash --login # launching a login shell
[cloud-user@umask ~]$ umask
0022
[cloud-user@umask ~]$ bash # launching a non-login shell
[cloud-user@umask ~]$ umask
0002
----
You can review what bash is doing by launching 'bash -x' instead of just bash. It will output every file that it is reading and every script that is executed, to give you some understanding of what is happening.
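The umask selection in the snippet above, and what each value does to newly created files, as an added example that is not part of the original posts. The function names and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Same decision as the quoted snippet, with the uid and names passed in so
# it can be evaluated for any account without switching user.
expected_umask() {
    uid=$1 group_name=$2 user_name=$3
    if [ "$uid" -gt 199 ] && [ "$group_name" = "$user_name" ]; then
        echo 002   # regular user whose primary group carries the user's name
    else
        echo 022   # root, low-uid accounts, or a shared primary group
    fi
}

# Create a file and a directory under the given umask, in a subshell so the
# caller's umask is untouched, and print their permission strings.
modes_under_umask() {
    mask=$1
    (
        tmp=$(mktemp -d) || exit 1
        trap 'rm -rf "$tmp"' EXIT
        umask "$mask"
        : > "$tmp/file"
        mkdir "$tmp/dir"
        # cut keeps only the type and permission bits, dropping any
        # trailing SELinux/ACL marker
        f=$(ls -ld "$tmp/file" | cut -c1-10)
        d=$(ls -ld "$tmp/dir" | cut -c1-10)
        echo "$f $d"
    )
}

# Constructed sample accounts: uid, primary group name, user name
for account in "0 root root" "1000 student student" "1001 alice staff"; do
    set -- $account
    m=$(expected_umask "$1" "$2" "$3")
    echo "uid=$1 group=$2 user=$3 umask=$m -> $(modes_under_umask "$m")"
done
```

With 002 the group write bit survives on new files and directories, which is why the snippet only grants it when the primary group name matches the user name.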
The command "su - user" doesn't open a login shell? I thought that the dash meant "please execute/source bashrc/profile files for this user".