|Applies To||RSA Product Set: RSA Identity Governance & Lifecycle|
|Tasks||In Linux, the umask command is used to determine the settings of a mask that controls how file permissions are set for newly created files.|
This article provides some general information about the 'umask' command and how exactly its relevant to RSA Identity Governance and Lifecycle.
The questions below about the umask command will be addressed in the article.
|Resolution||The umask command is nothing but a four-digit octal number used to control the default file permissions of newly created files.|
You can setup umask in /etc/bashrc or /etc/profile file for all users. By default in most Linux system it is set to 0022 (022) or 0002 (002).
In RSA Identity Governance & Lifecycle, you are only concerned about below three OS users : (Below mentioned are OS users, not DB users)
Does the umask value always need to be set to '0022' in RSA Identity Governance and Lifecycle? Or, does it need to be set to this value only for a specific set of users?
The umask value need not be changed while installing RSA Identity Governance & Lifecycle. It is usually set to default value (0022) for OS users.
Does the umask value only need to be changed for the installation? Can it be changed back after the installation or is there a process which requires it?
The umask value can be changed if required after installation. If you want all the directories/files to be created with specific permissions then the umask value needs to be changed. However, it is not recommended to change it, specifically when it is an RSA Identity Governance & Lifecycle environment. (i.e. keep it as 0022 which is the default value)
Does the installer check .bashrc or any other configuration files?
Every time you log in to a Linux system, a .bash_profile file is executed. The .bash_profile file is nothing but a combination of environment variable scripts and the umask command as seen in the output below.
You can also see below that the installer checks and performs all of these tests.
From the above explanation it is clear that the installer does check .bashrc and any other configuration files necessary to perform the installation.
|Notes||In order to understand how the umask value can be calculated and to understand the umask octal modes and other details, please refer to the following website: https://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html|
For more details about the umask command, refer to the following link: https://askubuntu.com/questions/44542/what-is-umask-and-how-does-it-work/276958
If a new user is created in the environment, it is the customer's responsibility to decide what the umask value needs to be as they would not be one of the three RSA-supplied users for use with RSA Governance & Lifecycle.
The Aveksa Installer always checks Aveksa_System.cfg.