[Authentication] Question about home directory permissions

[Scott Dowdle]

Greetings,

I'm using Fedora 19.  I see that the oddjob and oddjob-mkhomedir packages are responsible for making user home directories if they don't exist when the user logs in.

I read the documentation on the optional /etc/realmd.conf file.  I moved stuff from /home to /students with the [users] section and the  "default-home =" thing.  That works great.  I wasn't sure how to make the system notice the change and ended up leaving the domain and joining it again.  The documentation doesn't seem to be very clear on that but I got it working.

I can login, it makes a homedir where I want... but the permissions on it are too open (755).  I do see something that looks like the place to put it in:

/etc/oddjobd.conf.d/oddjobd-mkhomedir.conf

There are two methods and both pass "-u 0002".  Altering one or both of those to other values didn't seem to get me what I wanted... and made it where users couldn't access their home dirs anymore.  The desired permissions for their homedirs would be 750 or 700.  Maybe I'm having a brain fart with my umask values.

What is the proper way to adjust the homedir permissions and what would the values be for the permissions I want?

I'm going to make people cringe but for the yp/nis stuff I just ended up making a cronjob on each host that chmod's the homedirs every 10 minutes.  Yes, I know that is horrible and it isn't how I want to do it here if it can be avoided.

Thanks in advance,
-- 
Scott Dowdle
704 Church Street
Belgrade, MT 59714
(406)388-0827 [home]
(406)994-3931 [work]