Learn everything about umask value. What is umask value? What is best default umask? How to set it up in Linux and Unix? & How to calculate umask?
Once of the basic topic in learning Linux or Unix is umask value. UMASK is user file/directory permission mask value and is 4 digit octal value! Whenever user creates a file or directory kernel grants it some by default permissions. Those are base permissions. For file its 666 (i.e. rw-rw-rw) means read, write to all (owner, group, others) and for directory its 777 (i.e. rwxrwxrwx) means read, write, execute to all.
Here user mask plays its role. User permission mask is the octal value which is used to determine file/directory permission when they are created by user. Umask value subtracted bitwise from base permissions and final permission is determined for newly created files and directories.
How to calculate umask?
For example if umask value is 0022 then newly created files will have permission 0666-0022=0644 (i.e. rw-r–r–) means read to all and write to owner only. There are plenty of combinations can be used depending on your requirement. You can refer below calculation table for determining your expected umask value:
|umask value (Bit from left to right)||For whom||File base permission||Directory base permission|
So, you need to decide which final permission you want on newly created file and directories. Once that is finalized you can have reverse calculation with 666 & 777 and decide your umask value.
Read also : What is ulimit value?
What is best default umask?
Below are few standard best default umask values which can be used :
|umask value||Final File permission||Final directory permission||Useful for|
|022||644||755||Normal user. Others have read access only|
|002||664||775||Group usage. Only group members has access|
|077||600||700||Complete privacy. No other user can access your data|
How to setup umask in Linux/Unix?
umask value can be setup using simple command umask followed by its value. But, this value will be set only for that current active shell session.
# umask 022 # touch testfile # ll total 0 -rw-r--r--. 1 root root 0 Feb 1 01:03 testfile # umask 077 # touch testfile1 # ll total 0 -rw-------. 1 root root 0 Feb 1 01:04 testfile1
Observe in above output that file permissions defers when we set different umask values.
To set this up permanently, define this command in login profiles of users. /etc/profile value can be overridden by user’s own profile which executes after that. For all systemwide users defind it /etc/profile or /etc/bashrc file. For user specific values, define them in ~/.profile (Korn / Bourne shell) ~/.cshrc file (C shells), ~/.bash_profile (Bash shell) these shell specific profiles in their home directories.
You need to open specific profile with vi editor and append umask <value> line at the end.
Setup umask with permission
If you are not good at remembering numbers and want to avoid octal notation, then you can define umask with permission letters too. Syntex will be as below :
# umask u=rwx,g=,o= # ll total 0 -rw-------. 1 root root 0 Feb 1 01:12 testfile3
Here, we set umask with defining permissions at user, group and owner level (500). Notice that there is no space in between but permissions are separated by commas.