Using umask to Set Default Permissions

You probably noticed that when creating a new file, some default permissions are set. These permissions are determined by the umask setting. This is a shell setting that is set for all users when logging in to the system. In the umask setting, a numeric value is used that is subtracted from the maximum permissions that can be set automatically to a file; the maximum setting for files is 666 and for directories is 777. However, some exceptions to this rule exist; therefore, you can find a complete overview of umask settings in Table 6-2. Of the digits used in the umask, such as with the numeric arguments for the chmod command, the first digit refers to user permissions, the second digit refers to the group permissions, and the last refers to default permissions set for others. The default umask setting of 022 gives 644 for all new files and 755 for all new directories that are created on your server.

Table 6-2. umask Values and Their Results

Value

Applied to Files

Applied to Directories

0

Read and write

Everything

1

Read and write

Read and write

2

Read

Read and execute

3

Read

Read

4

Write

Write and execute

5

Write

Write

6

Nothing

Execute

7

Nothing

Nothing

You have two ways to change the umask setting: for all users and for individual users. If you want to set the umask for all users, you must make sure the umask setting is entered in the configuration file /etc/profile.local. The configuration file /etc/profile is a generic configuration file that is processed by all users logging in to the system. Since, however, YaST doesn't like modifications to be made directly to this file, you must make all modifications you want to apply in /etc/ profile.local. If the umask is changed in this file, it applies to all users logging in to your server.

An alternative to setting the umask in /etc/profile.local, where it is applied to all users logging in to the system, is to change the umask settings in a file with the name .profile, which is created in the home directory of an individual user. Settings applied in this file are applied for the user who owns the home directory only; therefore, this is a nice method to create an exception for one user only. You could, for example, create a .profile file in the home directory of user root and there apply the umask setting of 027, whereas the generic umask setting for ordinary users is set to 022 in/etc/profile.local.

Was this article helpful?

0 0

Responses

  • Ailie Stewart
    Which files are read last (by default) when a shell is launched on SUSE Linux Enterprise Server?
    5 months ago

Post a comment