Changing Permission Defaults with umask

Changing Permission Defaults with umask

Every time you create a file, the Unix system applies default permissions for you. This is great because, for many uses, the default permissions will be just what you want. In other cases, though, you'll want to specify different default permissions.

You can change the default permissions using umask. The umask command uses a numeric representation for permissions (as discussed in the previous section), but the numeric value you specify here is not the same as the one you'd use with chmod. (Don't ask why. We assume that Batman and Robin got together and made this command usable only by the Wonder Twins when their powers were activated.) So you have to figure out the umask value for the permissions you want, then use that value to set the new default permissions.

Note that you cannot set execute permissions by default, so you're really only figuring out the read and write permissions for u, g, and o categories.

To figure the umask value:



Start with 666. Again, don't ask why; it's just what you're supposed to start with.


Figure out which numeric values you'd use to set your desired permissions with the chmod command.

You might review the previous section, Translating Mnemonic Permissions to Numeric Permissions, and peek at Table 5.1 in that section.


Subtract that numeric value from 666.

For example, if the numeric value you'd use with chmod is 644, subtract that value from 666: 666644=022. 022 is the number you'll use with umask.

To set default file-creation permissions with umask:

  • umask 022

    Enter umask plus the number you calculated in the previous steps in this section (Code Listing 5.9).

    Code Listing 5.9. Use umask to set default permissions for future files.

    [ejr@hobbes permissions]$ umask 022 [ejr@hobbes permissions]$ touch tryit [ejr@hobbes permissions]$ ls -l try* -rw-r-r- 1 ejr  users  0 Jul 26 16:35 tryit 


  • Any changes made with umask apply only to the current shell session. If you want to revert to the default permissions but don't remember what they were, just log out and log back in and you'll be back to normal.

  • If you want to change permission defaults permanentlyor at least beyond the current shell sessionchange them in the configuration files as discussed in Chapter 8.

  • You cannot set the default permissions to include execute permission; it's a security feature, not an omission in Unix's capabilities. For example, suppose you make a new file and copy your favorite commands (or the ones you often forget) into it. If you accidentally type the filename, and the file is executable, you'll run that list of commands and the consequences could be unfortunate. Therefore, you have to explicitly grant execute permission for all files.

  • Yes, 666 is considered the Number of the Beast. We think that it's just a coincidence, but given the potential for confusion in this section, we're not sure.

  • Use umask or umask -s (depending on your specific shell and environment settings) to display your current umask settings.

Unix(c) Visual Quickstart Guide
UNIX, Third Edition
ISBN: 0321442458
EAN: 2147483647
Year: 2006
Pages: 251

Similar book on Amazon © 2008-2017.
If you may any questions please contact us: