Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

umask - get or set the file mode creation mask

&pagelevel(4)&pagelevel

The POSIX shell built-in umask sets or displays the current user file-creation mode mask. This mask defines the access permissions to be assigned to all new files and directories which you subsequently create in the current shell or in one of its subshells.

Changes made in the file-creation mode mask remain in effect until a new value is set with umask or the shell in which umask was originally called is terminated.

The POSIX administrator can use umask to define the value of the file-creation mode mask in the /etc/profile file. Since /etc/profile is executed by every login shell, the access permissions set in this way are valid for every used logged in on the system (see Example 1).


Syntax


umask[ -S][ mask]

-S

The mask is symbolically output in the following form:

u=<access permissions>,g=<access permissions>,o=<access permissions>

where u = user, g = group, o = others and access permissions = r, w, x

mask

Three octal digits comprising the file-creation mode mask. This mask defines the permissions to be assigned to all new files or directories that the user subsequently creates in the current shell or in any of its subshells (see „Setting permissions with the file-creation mode mask“ below).

Since umask can only withhold existing permissions from the base settings, you cannot use it to have execute permissions directly assigned to files, regardless of what you specify for mask. Use the command chmod instead.

mask not specified:
umask displays the current user file-creation mode mask in the following output format 0nnn (0 indicates octal notation and nnn indicates the current file-creation mode mask in octal).

Setting permissions with the file-creation mode mask

When creating files and directories the following permissions are generally assigned as base settings (see open() [4]):

  • rw-rw-rw- to files, i.e. 110110110 in binary notation

  • rwxrwxrwx to directories, i.e. 111111111 in binary notation

umask is only capable of withholding existing permissions from these base settings. This means that you cannot use umask to have execute permission automatically assigned to new files. You may, however, set the appropriate x-bit with the chmod command.

The file-creation mode mask comprises three octal digits, which are specified when calling umask. The permissions they refer to are derived as follows:

  1. Convert the digits in the mask to their binary equivalents.

  2. Create the complement to each of these binary numbers, i.e. replace the zeros by ones, and ones by zeros.

  3. Add this binary complement to the binary value of the base mode setting by logically ANDing the two; the result thus only contains ones in positions where both pairs have ones; in all other positions it contains zeros.

Example

The file-creation mode mask 022 changes permissions as follows:

  • Files:
    The base mode setting for files is 110110110.

    1. The binary equivalent of octal 022 is   000010010
2. The complement of this value is         111101101
3. AND operation:                          111101101
                                           110110110
                                           ---------
                                           110100100

    The permissions for all newly created files will thus be rw-r--r--

  • Directories:
    The base mode setting for directories is 111111111.

    AND operation:   111101101
                 111111111
                 ---------
                 111101101

    All new directories created will thus have the permissions rwxr-xr-x

File

/etc/profile

File executed by each login shell; used to set a shell environment.
The POSIX administrator normally defines one mask value for users without special privileges and one for root in this file.

Locale

The following environment variables affect the execution of umask:

LANG

Provide a default value for the internationalization variables that are unset or null. If LANG is unset of null, the corresponding value from the implementation-specific default locale will be used. If any of the internationalization variables contains an invalid setting, the utility will behave as if none of the variables had been defined.

LC_ALL

If set to a non-empty string value, override the values of all the other internationalization variables.

LC_CTYPE

Determine the locale for the interpretation of sequences of bytes of text data as characters (for example, single- as opposed to multi-byte characters in arguments and input files), the classification of characters as upper- to lower-case, and the mapping of characters from one case to the other.

LC_MESSAGES

Determine the locale that should be used to affect the format and contents of diagnostic messages written to standard error.

NLSPATH

Determine the location of message catalogs for the processing of LC_MESSAGES.

Example 1

The following lines are often included in the /etc/profile file:

if [ "$USER" != "admin" -a "$USER" != "root" ]
then
        umask 066
fi

Since every login shell executes the /etc/profile file, the file-creation mode mask 066 applies to all users except root and admin.

The following permissions are thus assigned by default:

  • for new files created: rw-------

  • for new directories created: rwx--x--x

Example 2

Change the file-creation mode mask and display it:

$ umask 033

$ > new

$ mkdir newdir
$ ls -ld new newdir

-rw-r--r--   1 ANNE     other          0   Mar 22 09:49 new

drwxr--r--   2 ANNE     other        520   Mar 22 16:40 newdir
$ umask

0033

The output of the ls -ld ... command shows which access permissions are assigned to new files and directories when the file-creation mode mask has been set to the value 033.

See also

chmod

chmod(), creat(), open(), umask() [4]

Powered by Atlassian Confluence and Scroll Viewport.