From 86f91e3030ef0b08000fc28a3a172e6a47918e4e Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Sat, 6 Jan 2024 09:10:45 -0500
Subject: [PATCH] revert umask 027 by default

because broken because this also happens for root while it should not

https://github.com/Kicksecure/security-misc/issues/185
---
 README.md                                 | 4 +++-
 usr/share/pam-configs/umask-security-misc | 8 --------
 2 files changed, 3 insertions(+), 9 deletions(-)
 delete mode 100644 usr/share/pam-configs/umask-security-misc

diff --git a/README.md b/README.md
index 4ac4fb6..2463c66 100644
--- a/README.md
+++ b/README.md
@@ -392,7 +392,9 @@ See:
 #### umask
 
 Default `umask` is set to `027` for files created by non-root users such as for
-example user `user`.
+example user `user`. Broken. Disabled. See:
+
+* https://github.com/Kicksecure/security-misc/issues/184
 
 This is doing using pam module `pam_mkhomedir.so umask=027`.
 
diff --git a/usr/share/pam-configs/umask-security-misc b/usr/share/pam-configs/umask-security-misc
deleted file mode 100644
index 6436a56..0000000
--- a/usr/share/pam-configs/umask-security-misc
+++ /dev/null
@@ -1,8 +0,0 @@
-Name: Restrict umask to 027 (by package security-misc)
-Default: yes
-Priority: 100
-Session-Type: Additional
-Session-Interactive-Only: yes
-Session:
-	[success=1 default=ignore]	pam_succeed_if.so uid eq 0
-	optional	pam_umask.so umask=027