UMASK: Thanks for the replies, + summary

Andy Clews andy at syma.sussex.ac.uk
Tue Sep 4 20:58:35 AEST 1990


I would like to thank the following people who (so far) have taken the
trouble to email me with helpful suggestions regarding how to explain
the workings of umask (the old fashioned one):

Eirik Fuller, Dwight Ernest, Don Libes, Doug Gwyn, Stephen Walick, Steve
Friedl, Art Neilson, Gordon Burditt and "anarchy" (real name unknown!).

I though Art Neilson's was one of the better contributions, so I hope he
doesn't mind being quoted here. I have no idea whether the words are
his own or taken from another source (he didn't say).

- From: Art Neilson <art at pilikia.pegasus.com>

UMASK - User Mask command

The "umask" (user mask) command sets default file creation permissions
for your session, and is usually placed in your .profile Bourne shell
startup script or your .login C-shell startup script.  The example below
will be used throughout this explanation on the use of the umask. 

		0		2		2
		|		|		|
		owner		group		public

The three numbers above control the default permissions given to files
you create.  Permissions in Unix are divided into 3 groups, permissions
for the owner, permissions for the group and permissions for the general
public.  All users on a system fall into the "public" category, users
working on a project together often will belong to the same "group", ask
your system administrator what "group" you belong to.  The last category
"owner" refers to the owner of the file, this is you if you create the
file. 

The table below shows the relation of the numbers above to the category
they are in. 

		0	=	no permissions
		1	=	execute/search permission
		2	=	write permission
		4	=	read permission

By using this table, we can see that in the example umask 022 above, the
permissions are:

		0		2		2
		|		|		|
		owner		group		public
		none		write		write

The confusing part of this is that having a particular permission turned
on means that files created will *not* have that particular permission,
it is "masked out".  Referring to the above example, we can see that by
default, files created by a user will *have* the following permissions:

		0		2		2
		|		|		|
		owner		group		public
		all		read		read
				execute		execute

Of course the execute will be on only if the file is an executable, i.e. 
a binary program or a shell script.

To reiterate, the umask controls what permissions will *not* be given by
default when you create files.  022 is a very common umask for users to
have, another common example is

		002

		0	owner has all permissions
		0	group has all permissions
		2	public only has read/execute permission
			(write permission is masked out)

The number 2 is most often used because it controls write permission. 
By specifying 2 in a category you are disabling default write permission
for that category when you create files.  If you have further questions
on this topic, please contact your system administrator. 
-----


-- 
Andy Clews, Computing Service, Univ. of Sussex, Brighton BN1 9QN, England
JANET: andy at syma.sussex.ac.uk   BITNET: andy%syma.sussex.ac.uk at uk.ac



More information about the Comp.unix.questions mailing list