I'd like to start my Docker service with systemd with a umask of 0002 (instead of the default 0022). So I created an override file under /etc/systemd/system/docker.service.d/override.conf with
[Service]
UMask=0002
And reloaded the daemon with systemctl daemon-reload and also restarted the Docker service.
But when I look at /proc/<PID>/status I still see 0022 as umask, any ideas what I am doing wrong?
Let's break this down.
Umask= is documented in man systemd.exec. You can find which man page it's documented in by checking man systemd.directives. It's documented as:
"Controls the file mode creation mask. "
The output you see in /proc/<pid>/status is documented in man proc. It's documented as:
"Process umask".
So first, it's not clear that what your checking is the right test of the systemd directive you set. A better test would be to look at a file created by Docker. What umask was created as?
Second, check that your systemd directive actually took hold. Review the output of:
systemd-analyze dump
Search in the output for Docker, and from there you can find the Umask that systemd has set for the Docker service. Does systemd see your umask as you expect?
Your systemd syntax appears correct, so I think this may be a misunderstanding about what the Umask= directive does.
