In setting up netatalk on a couple of test servers, I discovered the umask setting in /etc/netatalk.conf is no longer working in versions 3.1.5 and 3.1.6.
I was previously using an umask = 0007 setting with version 3.1.2 and 3.1.0 successfully to deny permissions for POSIX others on new files/folders. (we want 770 on folders)
In the 3.1.5. and 3.1.6 versions of netatalk, the umask setting appears to be ignored for folders so they get o+rx permissions (775). New files appear to still respect the umask=0007, but they get g+x also, it becomes 670.
Here's the atalk.conf:
; Netatalk 3.x configuration file
; Global server settings
; basedir regex = /home
; [My AFP Volume]
; path = /path/to/volume
[Grafisk Cumulus AFP]
path = /mnt/DataTest/Grafisk_Test
valid users = ladmin @grafisk @fellestest
; use umask to block standard permissions assignments for group, and for others
; so we can control it in filesystem instead using ACLs
;file perm = 0660
umask = 0077
Log in to post a comment.