To set the default umask to 0027
Purpose
To align with OS-hardening best practices, as defined by the Center for Information Security, or CIS, you can change the default login umask on a RHEL OS instance that hosts a CLM deployer host, CLM cluster node, or CLM entity deployed outside the CLM cluster, to restrict file and directory access for non-root users.
Perform this procedure to set the default login umask on a RHEL OS instance to 0027.
![]() |
CAUTION Misconfiguration Risk |
Performing the procedure on a CLM station running CLM Release 22.11 or earlier may have undesirable effects that include restricted system access.
You must perform the procedure only on a CLM Release 23.4 or later station.