<listitem><para>Controls the file mode creation mask. Takes an access mode in octal notation. See
<citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry> for
- details. Defaults to 0022 for system units. For units of the user service manager the default value
- is inherited from the user instance (whose default is inherited from the system service manager, and
- thus also is 0022). Hence changing the default value of a user instance, either via
- <varname>UMask=</varname> or via a PAM module, will affect the user instance itself and all user
- units started by the user instance unless a user unit has specified its own
- <varname>UMask=</varname>.</para></listitem>
+ details. Defaults to 0022 for system units. For user units the default value is inherited from the
+ per-user service manager (whose default is in turn inherited from the system service manager, and
+ thus typically also is 0022 — unless overriden by a PAM module). In order to change the per-user mask
+ for all user services, consider setting the <varname>UMask=</varname> setting of the user's
+ <filename>user@.service</filename> system service instance. The per-user umask may also be set via
+ the <varname>umask</varname> field of a user's <ulink url="https://systemd.io/USER_RECORD">JSON User
+ Record</ulink> (for users managed by
+ <citerefentry><refentrytitle>systemd-homed.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ this field may be controlled via <command>homectl --umask=</command>). It may also be set via a PAM
+ module, such as <citerefentry
+ project='man-pages'><refentrytitle>pam_umask</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para></listitem>
</varlistentry>
<varlistentry>
projects / thirdparty / systemd.git / commitdiff
