From 4ac0529d1c4ce46353fd9d0eb93b71b09147763a Mon Sep 17 00:00:00 2001 From: Adriaan de Groot Date: Tue, 22 Oct 2024 17:36:54 +0200 Subject: [PATCH] [users] Explain new permissions possibilities in config --- src/modules/users/users.conf | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/src/modules/users/users.conf b/src/modules/users/users.conf index 201ff8349..d2624bf4d 100644 --- a/src/modules/users/users.conf +++ b/src/modules/users/users.conf @@ -215,14 +215,20 @@ allowWeakPasswordsDefault: false # names for a given distro (eg. "video", or "mysql" might not be a valid # end-user login name). # - *home_permissions* Home directory of the user is given **approximately** -# this set of permissions. Write the permissions in octal. If not set, -# there is no default and no permission-setting is done (uses defaults of -# `useradd` in the target). A umask is computed from these permissions -# and passed to `useradd`. Take care to quote the numeric value. +# this set of permissions. If not set, there is no default and no +# permission-setting is done (uses defaults of `useradd` in the target). +# A umask is computed from these permissions +# and passed to `useradd`. +# +# You may write permissions as: +# - write "NNN" (three octal digits) or +# - write "oNNN" (small 'o' and three octal digits) or +# - write "rwxrwxrwx" (like the output of ls, with a - for unset bits) +# The following permissions mean the same thing: "o750", "rwxr-x---" . user: shell: /bin/bash forbidden_names: [ root ] - home_permissions: "0700" + home_permissions: "o700" # Hostname settings