Linux Umask Settings

Umask Settings#

The umask command is used to set and determine the default File System creation permissions on the system.

Linux Umask Settings is the octal complement of the desired file mode for the specific file type. Default permissions are:

  • 777 - Executable files
  • 666 - Text files

These defaults are set allowing all users to execute an executable file and not to execute a text file. The defaults allow all users can read and write the file.

Utilizing Linux Umask Settings you might not need to change Linux Files and File Permissions or Linux Directory Permissions as often using Chmod

The permission for the creation of new executable files is calculated by subtracting the umask value from the default permission value for the file type being created. An example for a text file is shown below with a umask value of 022:

        666 Default Permission for text file
       -022 Minus the umask value
        644 Allowed Permissions
Therefore the umask value is an expression of the permissions the user, group and world will not have as a default with regard to reading, writing, or executing the file. The umask value here means the group the file belongs to and users other than the owner will not be able to write to the file. In this case, when a new text file is created it will have a file permission value of 644, which means the owner can read and write the file, but members of the group the file belongs to, and all others can only read the file. A long directory listing of a file with these permissions set is shown below.
-rw-r--r--   1 root     workgrp          14233 Apr  24 10:32 textfile.txt
A example command to set the umask is:
umask 022
The most common umask setting is 022. The /etc/profile script is where the umask command is usually set for all users.

Some Linux implementations have a user and group ID creation scheme where there is a group for each user and only that user belongs to that group. If you use this scheme consistently you only need to use 002 for your umask value with normal users.

More Information#

There might be more information for this subject on one of the following: