Umask

The built-in shell command umask is used specify and view what the default file permissions are. Executing the umask command without any arguments will cause it to display what the current default permissions are.

Systems Administration Chapter 6: Processes and Files dinbig:~$ umask

0002

By default, the umask command uses the numeric format for permissions. It returns a number that specifies which permissions are turned off when a file is created.

In the first example above:

• the user and group have the value 0

This means that by default no permissions are turned off for the user or group. Further discussion on why group, by default, has write access to your files is provided in later chapters. It has something to do with each user having a private group which they are the only member of.

This means that by default, the write permission is turned off.

You will notice that the even though the execute permission is not turned off, my default file doesn't have the execute permission turned on. Most shells, and bash is no exception, do not allow the creation of executable files by default. The only way to make a file executable is to explicitly set the execute bit/s yourself. This is a security mechanism. The last thing you want is every file every user creates being executable. Furthermore, most files do not need to be executable - for example, temporary buffer files created by vi do not need to be executable.

Essentially, when you create a new file with a command through bash it does not begin with all the permissions turned on (ie. 777). It begins with all the execute permissions already turned off (ie. 666). To get the resulting permissions for the file, umask can only turn more permissions off.

In order to access the contents of a directory you need execute permission on that directory. So, by default, execute permissions are set on directories. To determine the new directory's permissions, bash begins with 777 and umask turns permissions off, producing a permissions list that may contain execute bits.

Was this article helpful?

0 0

Post a comment