Anil ask a question (via email):
What is umask and how is it determined on a Linux system?
The user file-creation mode mask (umask) is use to determine the file permission for newly created files. It can be used to control the default file permission for new files. It is a four-digit octal number .
Procedure to setup default umask
You can setup umask in /etc/bashrc or /etc/profile file for all users. By default most Linux distro set it to 0022 (022) or 0002 (002).
Open /etc/profile (global) or ~/.bashrc file
# vi /etc/profile
OR
$ vi ~/.bashrc
Append/modify following line to setup a new umask:
umask 022
Save and close the file. Changes will take effect after next login.
But what is 0022 and 0002?
The default umask 0002 used for normal user. With this mask default directory permissions are 775 and default file permissions are 664.
The default umask for the root user is 0022 result into default directory permissions are 755 and default file permissions are 644.
For directories, the base permissions are (rwxrwxrwx) 0777 and for files they are 0666 (rw-rw-rw).
To calculate file permission for 022 (root user):
Default Permissions: 777
Subtract umask value: 022 (-)
Allowed Permissions: 755
To calculate directory permission for 022 umaks (root user):
Default Permissions: 666
Subtract umask value: 022 (-)
Allowed Permissions: 644
The following example explains the steps needed to set umask for permissions 700 for user files. The idea very simply only user is allowed to read or write file.
Default Permissions: 777
Subtract umask value: 077 (-)
Allowed Permissions: 700
$ umask 077
$ touch file.txt
$ ls -l file.txt
Output:
-rw------- 1 vivek vivek 0 2007-02-01 02:21 file.txt
Sample umask values and permission
| umask value | User | Group | Others |
| 0000 | all | all | all |
| 0007 | all | all | none |
| 0027 | all | r/w | none |
For more information read man page of bash:
man bash
help umask
- Email this to a friend
- Printable version
- Rss Feed
- Last Updated: Mar/8/2007
{ 26 comments… read them below or add one }
Reply from text:
—————————-
To calculate file permission for 022 (root user):
Default Permissions: 777
…
To calculate directory permission for 022 umaks (root user):
Default Permissions: 666
…
————————————
It’s wrong, isn’t it?
The right answer is:
To calculate _file_ permission for 022 (root user):
Default Permissions: _666_
etc.
To calculate _directory_ permission for 022 umaks (root user):
Default Permissions: _777_
etc.
The title says “How to setup default umask”
You never mention how to actually set the default up.
WGriffin,
Opps. Post has been updated. Thanks for heads up!
Yes Guy !
Its an excellent site for newbie.
I like it most…
I think its help all Linuxx user.
thanks. very helpful
thanks guys….
I like such short tutorials …;)
Cheers
Hi there!
I’ve tried changing umask on my GNU/Linux box (Gentoo). Is’s look like 0000 and 0111 is the same mask. What’s going on?
Default (initial) Run level for root?
Hi,
I have done this thing 3 times….but not any affect on umask default permissions.
i used :
# umask 0077 command for temporarily umask….
permissions for files are as follows
777 – Executable files
666 – Text files
You say: For directories, the base permissions are (rwxrwxrwx) 0777 ….
and then you calculated:
To calculate directory permission for 022 umaks (root user):
Default Permissions: 666
…
nonsense ?
I know this is a very old post, but I would like to correct one thing if someone lands here from a search engine:
According to the DebianDesktopHowTo the value for UMASK has to be changed in both /etc/profile and /etc/lgin.defs. This howto has a specific section about permissions in a shared computer.
Thanks for posting this.
I meant login.defs.
Sorry.
but again que is that can we change the default permission permanently? tell now
0027 all r/w none
um… this would be all r/x none
removing 2 removes write.
Hello guys, thanx for your valuable input however i need to make the php files created by my app rwxrwxr– by default.
How can I get to do that?
very helpful thanks a ton
Steven: Umask cannot typically be used to default new files to executable. You need to use chmod instead.
THANKS VIVEK
I am using fedora9 and having trouble with system. when I create a file as root then the file have permission rw-rw—- I have to change permission each time….
I want to change umask but when I tried it with umask 000 then the default permission are rw-rw-rw- not rwxrwxrwx. I want the permission rwxrwxrwx how to set it as default?
this is very good site to understand umasks
The umask explanation is very useful for beginners
note :
directory default mask : 022
permission ( means rwx) : 777
actual permission value is : 777 – 022 = 755
execute permission is never defaulted on a file (hence 666 base) … it is defaulted for a directory (hence 777 base) so access to the directory is there.
so 027 does result in all r/w none for a file but all r/w/x none for a diretory.
for a file 000 and 111 are the same as 111 masks off execute permission and the base permission is 666 – 000 === 666 – 111.
oops 027 for a file is all r none no ‘w’
To return the default permission setting type umask with no options
$ umask
022
Having known the umask value, try creating a directory and a file and check what the file settings are
$ mkdir tempdir1
$ ls -l
drwxr-xr-x 2 root root 4096 2009-06-29 10:42 tempdir1
$ touch tempfile1
$ ls -l
drwxr-xr-x 2 root root 4096 2009-06-29 10:42 tempdir1
-rw-r–r– 1 root root 0 2009-06-29 10:43 tempfile1
Change the umask and again create a directory and a file and check the file permission settings
$ umask 027
$ umask
0027
$ mkdir tempdir2
$ ls -l
total 12
drwxr-x— 2 root root 4096 2009-06-29 10:40 tempdir2
Now the directory tempdir2 has a permission setting of 750
$ touch tempfile2
$ ls -l
drwxr-x— 2 root root 4096 2009-06-29 10:40 tempdir2
-rw-r—– 1 root root 0 2009-06-29 10:40 tempfile2
Now the file tempfile2 has a permission setting of 640
Now, let us see how the file permission settings are calculated using boolean expressions after we have issued a umask with 027.
For the directories, you need to take the 1’s complement of the umask value and perform a logical AND operation with 0777.
For e.g. consider the case where we have umask value of 027 – 0000 0000 0010 0111
1’s complement of 027 – 1111 1101 1000
For directories perform logical AND operation with 0777 (0000 0111 0111 0111). So
1111 1101 1000 (1’s complement of 027)
0111 0111 0111 (0777)
—————-
0111 0101 0000 = 0750
For files, perfom logical AND operation with 0666 (0000 0110 0110 0110), so
1111 1101 1000 (1’s complement of 027)
0110 0110 0110 (0666)
—————
0110 0100 0000 = 0640
Try different combinations on files, directories to get a clear picture on how umask is applied on files.