Ubuntu – How to set default umask in Ubuntu 17.04

17.04gnome-sessionpermissionsprofileumask

In the past, I have always set umask at ~/.profile. I set a umask of 077 so my documents get a permission of 600 (rw-------). But setting this at ~/.profile no longer works in Ubuntu 17.04.

So as new documents get created in a gnome session on Ubuntu 17.04, where can I configure so that they get created with permission 600?

Best Answer

To set permissions for all directories and files that are created day-forward by any user:

  1. sudo nano /etc/pam.d/common-session
  2. Find the line with "session optional pam_umask.so"
  3. Change this to "session optional pam_umask.so umask=0077"
  4. Save the file.
  5. Reboot.

New files will be 600. New directories will be 700.

Related Question