From 23d8a034c7106ed2800ddc6618ab44d3c1c3224e Mon Sep 17 00:00:00 2001
From: Timothy Pearson <kb9vqf@pearsoncomputing.net>
Date: Thu, 7 Mar 2019 16:41:51 -0600
Subject: [PATCH] Properly set umask on login (cherry picked from commit
 10472c4c2b98b22c0d8309e3f21ae2df32a6538a)

---
 src/libtdeldap.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/libtdeldap.cpp b/src/libtdeldap.cpp
index 70b9c15..e1a2d3c 100644
--- a/src/libtdeldap.cpp
+++ b/src/libtdeldap.cpp
@@ -4108,6 +4108,9 @@ int LDAPManager::writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr) {
 	if (file3.open(IO_WriteOnly)) {
 		TQTextStream stream( &file3 );
 
+		char modestring[8];
+		sprintf(modestring, "%04o", pamConfig.autocreate_user_directories_umask);
+
 		stream << "# This file was automatically generated by TDE\n";
 		stream << "# All changes will be lost!\n";
 		stream << "\n";
@@ -4116,9 +4119,8 @@ int LDAPManager::writePAMFiles(LDAPPamConfig pamConfig, TQString *errstr) {
 		stream << "session required pam_permit.so" << "\n";
 		stream << "session required pam_unix.so" << "\n";
 		stream << "session optional pam_ck_connector.so nox11" << "\n";
+		stream << "session optional pam_umask.so usergroups umask=" << modestring << "\n";
 		if (pamConfig.autocreate_user_directories_enable) {
-			char modestring[8];
-			sprintf(modestring, "%04o", pamConfig.autocreate_user_directories_umask);
 			TQString skelstring;
 			if (pamConfig.autocreate_user_directories_skel != "") {
 				skelstring = " skel=" + pamConfig.autocreate_user_directories_skel;