Difference between revisions of "Umask"

From ArchWiki
Jump to: navigation, search
(reword, don't explain how to edit a text file, see also Help:Style; defaults are explained in the first section)
(don't abuse monospace text, see also Help:Style/Formatting_and_Punctuation; other style fixes, see Help:Style)
Line 15: Line 15:
 
Setting a umask value of {{ic|022}} means that the write bit for the group ({{ic|2}} in the second place) and all other users ({{ic|2}} in the third place) are cleared. This mask results in default permissions of {{ic|755}} for directories and {{ic|644}} for files.
 
Setting a umask value of {{ic|022}} means that the write bit for the group ({{ic|2}} in the second place) and all other users ({{ic|2}} in the third place) are cleared. This mask results in default permissions of {{ic|755}} for directories and {{ic|644}} for files.
  
To calculate directory permissions for a umask value of {{ic|022}} (regular user):
+
To calculate directory permissions for a umask value of {{ic|022}}:
Base permission:     777
+
:Base permissions: {{ic|777}}
Subtract umask value: 022 (-)
+
:Subtract umask value: {{ic|022}}
Directory permission: 755
+
:Directory permissions: {{ic|755}}
  
To calculate file permissions for a umask value of {{ic|022}} (regular user):
+
To calculate file permissions for a umask value of {{ic|022}}:
Base permission:      666
+
:Base permissions:      {{ic|666}}
Subtract umask value: 022 (-)
+
:Subtract umask value: {{ic|022}}
File permission:      644
+
:File permissions:      {{ic|644}}
  
 
The following example explains the steps needed to set a umask value that will result in permission values {{ic|700}} for directories and {{ic|600}} for user files. The idea very simply is that only the user will be allowed to read or write the file, or to access the contents of the directory.
 
The following example explains the steps needed to set a umask value that will result in permission values {{ic|700}} for directories and {{ic|600}} for user files. The idea very simply is that only the user will be allowed to read or write the file, or to access the contents of the directory.
Base permission:      777 / 666
+
:Base permissions:      {{ic|777}} / {{ic|666}}
Subtract umask value:  077 / 077 (-)
+
:Subtract umask value:  {{ic|077}} / {{ic|077}}
Resulting permissions: 700 / 600
+
:Resulting permissions: {{ic|700}} / {{ic|600}}
  
 
  $ umask 077
 
  $ umask 077
 
  $ touch file.txt
 
  $ touch file.txt
 
  $ mkdir directory
 
  $ mkdir directory
$ ls -ld file.txt directory
 
  
Output:
+
{{hc|$ ls -ld file.txt directory|
drwx------ 2 vivek vivek 4096 2007-02-01 02:21 directory
+
drwx------ 2 vivek vivek 4096 2007-02-01 02:21 directory
-rw------- 1 vivek vivek    0 2007-02-01 02:21 file.txt
+
-rw------- 1 vivek vivek    0 2007-02-01 02:21 file.txt
 +
}}
  
Sample umask values and permissions
+
Sample umask values and permissions:
umask value User Group Others
+
{|
0000 all all all
+
! style="text-align:left;padding-right:10px;" | umask value
0007 all all none
+
! style="text-align:left;padding-right:10px;" | User
0027 all read none
+
! style="text-align:left;padding-right:10px;" | Group
 +
! style="text-align:left;padding-right:10px;" | Others
 +
|-
 +
| {{ic|0000}} || all || all || all
 +
|-
 +
| {{ic|0007}} || all || all || none
 +
|-
 +
| {{ic|0027}} || all || read || none
 +
|}
  
 
For more information, see {{ic|man bash}} and {{ic|man umask}}.
 
For more information, see {{ic|man bash}} and {{ic|man umask}}.
  
== See Also ==
+
== See also ==
http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html (the source of this article)
+
* http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html (the source of this article)

Revision as of 05:18, 12 February 2014

The user file-creation mode mask (umask) is used to determine the file permission for newly created files. It can be used to control the default file permission for new files. It is a four-digit octal number.

Setting the umask

You can set the umask value through the umask command. Most Linux distributions set a default value of 0022 (022, including Arch [1]) or 0002 (002) in /etc/profile or in the default shell configuration files, e.g. /etc/bashrc.

If you need to set a different value, you can either directly edit such file, thus affecting all users, or call umask from your shell's user configuration file, e.g. ~/.bashrc. Any changes will only take effect after the next login.

Meaning of the umask value

The base permissions for directories are 0777 (rwxrwxrwx) and for files they are 0666 (rw-rw-rw).

Setting a umask value of 022 means that the write bit for the group (2 in the second place) and all other users (2 in the third place) are cleared. This mask results in default permissions of 755 for directories and 644 for files.

To calculate directory permissions for a umask value of 022:

Base permissions: 777
Subtract umask value: 022
Directory permissions: 755

To calculate file permissions for a umask value of 022:

Base permissions: 666
Subtract umask value: 022
File permissions: 644

The following example explains the steps needed to set a umask value that will result in permission values 700 for directories and 600 for user files. The idea very simply is that only the user will be allowed to read or write the file, or to access the contents of the directory.

Base permissions: 777 / 666
Subtract umask value: 077 / 077
Resulting permissions: 700 / 600
$ umask 077
$ touch file.txt
$ mkdir directory
$ ls -ld file.txt directory
drwx------ 2 vivek vivek 4096 2007-02-01 02:21 directory
-rw------- 1 vivek vivek    0 2007-02-01 02:21 file.txt

Sample umask values and permissions:

umask value User Group Others
0000 all all all
0007 all all none
0027 all read none

For more information, see man bash and man umask.

See also