World-Readable seem to be a surprising default for many people,
especially in teaching context. Switch to a more reasonable rwxr-x---
We have to issue a chmod, as changing at creation time would require
changin /etc/adduser.conf DIR_MODE=0760 (or whatever), but that seem
unwise.
We do not set the exact permission in case the DIR_MODE is more
restrictive.
Closing #158
Dynamic Users are neat and probably very useful for a tmpnb
style situation. However, for regular use they have the following
problems:
1. Can't set ProtectHome=no, so you can never apt install or
similar from inside admin accounts.
2. Dynamic uid / gid makes it hard to write sudo rules. We want
admin users to have sudo.
3. Persistent uids / gids are very useful for ad-hoc ACLs between
users. gid sharing isn't the most flexible sharing mechanism,
but it is well known & quite useful.
4. /etc/skel is pretty useful!
