How do you apply umask settings to an account that doesn't log in?

If the services are started via Upstart or /etc/init.d, edit the appropriate initscripts.

  • init.d: umask 02 at the top of script (they are ordinary sh scripts)
  • Upstart: umask 02 anywhere

Linux does not have a strict definition of "login", and an account is merely a UID that can (or cannot) be associated with a name/homedir/etc.

When you log in on console/over SSH, the login program (or the SSH daemon) uses PAM to set up the environment (possibly pam_umask), then starts your shell with the "login" flag. The /etc/profile script belongs to the sh and bash shells, which only read it for "login" invocations.

When you use sudo touch ... or sudo /etc/init.d/foo start, sudo still calls PAM for auth/account/session setup, but does not start the shell at all, meaning all "profile" or "bashrc" files will be ignored. (That is, unless you use sudo -i ....)

When Upstart runs a service, it simply switches the UID to that of your service, skipping any "profile" scripts or PAM configuration. The only configuration that is read is the service's file in /etc/init, which is where you should put the umask setting.
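The sketch below is an added example, not part of the original answer. It shows that a service inherits the umask set by whatever starts it, and how to check the umask of a process that is already running. The function names are hypothetical, the "service" is a subshell that creates one file, and `process_umask` assumes Linux 4.7 or later, where `/proc/PID/status` has an `Umask:` line.

```sh
#!/bin/sh
# Constructed demo: nothing here reads /etc/profile or PAM settings; the only
# umask the "service" sees is the one set by the script that launches it.

# Stand-in for an init.d script body: umask first, then the daemon starts.
start_service() {    # $1 = umask, $2 = file the service creates
    (
        umask "$1"
        : > "$2"     # file created with the default requested mode 0666
    )
}

# Octal permission bits of a file (GNU stat first, BSD stat as fallback).
file_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Umask of a running process, read from /proc (assumes Linux 4.7+).
# Prints nothing if the field or the process is not available.
process_umask() {    # $1 = PID
    awk '/^Umask:/ { print $2 }' "/proc/$1/status" 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    start_service 022 "$dir/default"   # common system default
    start_service 02  "$dir/group"     # the setting from the answer
    echo "umask 022 -> mode $(file_mode "$dir/default")"
    echo "umask 02  -> mode $(file_mode "$dir/group")"
    echo "this shell -> umask $(process_umask $$)"
    rm -rf "$dir"
}

demo
```

With `umask 02` the created file is group-writable, so check which accounts are members of the service's group before relying on it.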