Package: systemd Version: 243-5 Severity: important Dear Maintainer,
The traditional way to change the default umask (change /etc/login.defs with pam_umask enabled in /etc/pam.d/... ) is broken, for on my does not honor it in user units. This is a bug known by the upstream ( https://github.com/systemd/systemd/issues/6077 ), and currently the only possible walkaround is to override umask for every user unit, as discussed in https://bugs.launchpad.net/ubuntu/+source/gnome- terminal/+bug/1685754/comments/21 , which is hard to apply. I may be unable to fix this issue with my own knowledge and resource, but I can report it to you experts at least. -- Package-specific info: -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (900, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=zh_CN.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE=zh_CN.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages systemd depends on: ii adduser 3.118 ii libacl1 2.2.53-5 ii libapparmor1 2.13.3-6 ii libaudit1 1:2.8.5-2 ii libblkid1 2.34-0.1 ii libc6 2.29-3 ii libcap2 1:2.27-1 ii libcryptsetup12 2:2.2.1-1 ii libgcrypt20 1.8.5-3 ii libgnutls30 3.6.10-4 ii libgpg-error0 1.36-7 ii libidn2-0 2.2.0-2 ii libip4tc2 1.8.3-2 ii libkmod2 26-3 ii liblz4-1 1.9.2-2 ii liblzma5 5.2.4-1+b1 ii libmount1 2.34-0.1 ii libpam0g 1.3.1-5 ii libpcre2-8-0 10.32-5+b1 ii libseccomp2 2.4.1-2 ii libselinux1 2.9-3+b1 ii libsystemd0 243-5 ii mount 2.34-0.1 ii util-linux 2.34-0.1 Versions of packages systemd recommends: ii dbus 1.12.16-2 ii libpam-systemd 243-5 Versions of packages systemd suggests: ii policykit-1 0.105-26 pn systemd-container <none> Versions of packages systemd is related to: pn dracut <none> ii initramfs-tools 0.135 ii udev 243-5 -- Configuration Files: /etc/pam.d/systemd-user changed: @include common-account session required pam_selinux.so close session required pam_selinux.so nottys open session required pam_loginuid.so session required pam_limits.so @include common-session-noninteractive session optional pam_systemd.so session optional pam_umask.so -- no debconf information
[OVERRIDDEN] /etc/tmpfiles.d/screen-cleanup.conf -> /usr/lib/tmpfiles.d/screen-cleanup.conf --- /usr/lib/tmpfiles.d/screen-cleanup.conf 2017-06-19 06:31:56.000000000 +0800 +++ /etc/tmpfiles.d/screen-cleanup.conf 2017-06-30 08:33:17.091685640 +0800 @@ -1 +1 @@ -d /run/screen 0777 root utmp +d /run/screen 1777 root utmp [EXTENDED] /etc/systemd/system/display-manager.service -> /etc/systemd/system/display-manager.service.d/umask.conf [EQUIVALENT] /etc/systemd/system/nfdump.service -> /lib/systemd/system/nfdump.service [MASKED] /etc/systemd/system/systemd-rfkill.service -> /lib/systemd/system/systemd-rfkill.service [MASKED] /etc/systemd/system/systemd-rfkill.socket -> /lib/systemd/system/systemd-rfkill.socket [MASKED] /etc/systemd/system/transmission-daemon.service -> /lib/systemd/system/transmission-daemon.service [EXTENDED] /lib/systemd/system/rc-local.service -> /lib/systemd/system/rc-local.service.d/debian.conf [EXTENDED] /lib/systemd/system/systemd-resolved.service -> /lib/systemd/system/systemd-resolved.service.d/resolvconf.conf [EXTENDED] /lib/systemd/system/systemd-timesyncd.service -> /lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf [EXTENDED] /usr/lib/systemd/user/at-spi-dbus-bus.service -> /etc/systemd/user/at-spi-dbus-bus.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/blueman-applet.service -> /etc/systemd/user/blueman-applet.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/colord-session.service -> /etc/systemd/user/colord-session.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/dbus.service -> /etc/systemd/user/dbus.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/evolution-addressbook-factory.service -> /etc/systemd/user/evolution-addressbook-factory.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/evolution-calendar-factory.service -> /etc/systemd/user/evolution-calendar-factory.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/evolution-source-registry.service -> /etc/systemd/user/evolution-source-registry.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/evolution-user-prompter.service -> /etc/systemd/user/evolution-user-prompter.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/glib-pacrunner.service -> /etc/systemd/user/glib-pacrunner.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gnome-terminal-server.service -> /etc/systemd/user/gnome-terminal-server.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-afc-volume-monitor.service -> /etc/systemd/user/gvfs-afc-volume-monitor.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-daemon.service -> /etc/systemd/user/gvfs-daemon.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-goa-volume-monitor.service -> /etc/systemd/user/gvfs-goa-volume-monitor.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-gphoto2-volume-monitor.service -> /etc/systemd/user/gvfs-gphoto2-volume-monitor.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-metadata.service -> /etc/systemd/user/gvfs-metadata.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-mtp-volume-monitor.service -> /etc/systemd/user/gvfs-mtp-volume-monitor.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/gvfs-udisks2-volume-monitor.service -> /etc/systemd/user/gvfs-udisks2-volume-monitor.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/obex.service -> /etc/systemd/user/obex.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/rygel.service -> /etc/systemd/user/rygel.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/telepathy-gabble.service -> /etc/systemd/user/telepathy-gabble.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/telepathy-logger.service -> /etc/systemd/user/telepathy-logger.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/telepathy-mission-control-5.service -> /etc/systemd/user/telepathy-mission-control-5.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/telepathy-salut.service -> /etc/systemd/user/telepathy-salut.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/tracker-extract.service -> /etc/systemd/user/tracker-extract.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/tracker-miner-apps.service -> /etc/systemd/user/tracker-miner-apps.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/tracker-miner-fs.service -> /etc/systemd/user/tracker-miner-fs.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/tracker-store.service -> /etc/systemd/user/tracker-store.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/tracker-writeback.service -> /etc/systemd/user/tracker-writeback.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/zeitgeist-fts.service -> /etc/systemd/user/zeitgeist-fts.service.d/umask.conf [EXTENDED] /usr/lib/systemd/user/zeitgeist.service -> /etc/systemd/user/zeitgeist.service.d/umask.conf 39 overridden configuration files found.
# This file is part of systemd. # # Used by systemd --user instances. @include common-account session required pam_selinux.so close session required pam_selinux.so nottys open session required pam_loginuid.so session required pam_limits.so @include common-session-noninteractive session optional pam_systemd.so session optional pam_umask.so
# # /etc/pam.d/common-session - session-related modules common to all services # # This file is included from other service-specific PAM config files, # and should contain a list of modules that define tasks to be performed # at the start and end of sessions of *any* kind (both interactive and # non-interactive). # # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. # To take advantage of this, it is recommended that you configure any # local modules either before or after the default block, and use # pam-auth-update to manage selection of other modules. See # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) session [default=1] pam_permit.so # here's the fallback if no module succeeds session requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around session required pam_permit.so # and here are more per-package modules (the "Additional" block) session required pam_unix.so session optional pam_systemd.so session optional pam_ecryptfs.so unwrap # end of pam-auth-update config session optional pam_umask.so
