1oddjobd-mkhomedir.conf(5) File Formats Manual oddjobd-mkhomedir.conf(5)
2
6 oddjobd-mkhomedir.conf - allow limited use of the mkhomedir functions
7
10 The /etc/oddjobd.conf.d/oddjobd-mkhomedir.conf is typically processed
11 along with other files in the /etc/oddjobd.conf.d directory.
12 The mkhomedir helper itself accepts these options:
14 -f Restore behavior before CVE-2020-10737 was fixed: create the
16 home directory with user's ownership directly rather than create
17 it as a root and only after populating it change to the user's
18 ownership. The former behavior is insecure but may be used to
19 allow creation of NFS-mounted home directories when non-Kerberos
20 authentication is in use. It is prone for a race condition that
21 could be exploited in the NFS-mounted home directories use case.
22 To avoid CVE-2020-10737, do not use -f option in production en‐
23 vironments.
24 -q Refrain from outputting the usual "Creating home directory..."
26 message when it creates a home directory.
27 -n Only create the home directory; do not populate it using the
29 contents of the skeleton directory.
30 -s Override the location of the skeleton directory (by default:
32 /etc/skel).
33 -u Specify a umask whose bits are masked off of contents of the
35 skeleton directory while they are copied to the user's new home
36 directory. The default is read from /etc/login.defs by taking
37 HOME_MODE and UMASK values, in this order. First found value
38 persists.
39
42 oddjob.conf(5) login.defs(5)
43oddjob Manual 17 June 2014 oddjobd-mkhomedir.conf(5)