When we create a new file or directory in Linux, the system automatically assigns it the default file permissions. umask also known as user file mode creation mask is used to define and assign these default permissions for every user in the system.

Here at Fixwebnode, we shall look into more about the umask command and how to use it to define default file permissions.

How does the umask command work ?

'Mask' defines permission grouping, which controls how permissions are set for newly created files and directories. The umask command is used to assign default permissions to files and directories.

'umask' signifies the below:

• A user-defined file creation mask. A file creation mask can be used to choose how to control permissions. This mask relates to the default system permissions and updates them. The umask command applies this mask.
• The umask command that sets the default umask value either in octal format or symbolic format.

The umask command defines default system file and directory permissions, which are divided into three categories:

• User: Defines owner permissions. The user who creates the file or folder is the default owner.
• Group: Defines group permissions for a Linux group that share the same permissions for a file or directory.
• Other: Defines permissions for anyone who is not the owner and is not part of the group. When these permissions are set, anyone can access the files and folders. We generally call them world-readable files and directories.

To find out how the umask and permissions work, you need to run the below command:

$ ls -la

From the output, note the following:

• User permissions - The user has read and write permissions on the file.
• Group permissions - Group has read and write permissions on the file.
• Other permissions - Others have only read permissions on the file.
• Hard links - A hard link is created for this file.
• Owner user name - Name of the owner user.
• Owner group - Name of the owner group.
• Size - Total size of the file in bytes.
• Date/time last modified - Last modified date and time of the file.
• File / directory name - Name of the file.

RWX in the mask means the ability to read, write, and execute. The execute permission does not apply to the files. 

How does umask differs from chmod ?

The umask command and chmod commands are both used to set permissions in Linux, but they are inherently different from each other.

• The umask command changes the default permissions and thus the permissions set using this command are automatically applied to all the newly created files and directories.
• The chmod command changes permissions for the existing files and folders. For example, if you assign ownership of the file named services to user tom and group adm, then the change will be limited to services file only. It will not affect any other file on your system.
• The umask command affects permissions for the entire system, whereas the chmod command affects permissions of only the specified files.

What is the umask Command ?

The umask command is used to set the default umask value for files and folders in your Linux computer. All the newly created files and directories on your system will use the permissions defined by the umask command.

To check the current mask, simply run the below command:

$ umask

If the output gives:

0003

Then:

• The first digit 0 is known as a sticky bit, which is a special security feature.
• Next three digits denote the octal umask value of the file or directory umask.

What is the syntax of the Umask Command ?

The syntax of the umask command is:

$ umask [-p] [-S] [mask]

Umask command Options is given below:

• mask: Represents the new mask you are applying in an octal format.
• -p: Displays the current mask with the umask command. You can copy it for future reference.
• -S: Displays symbolic umask value of the current mask.

What is the Umask Value ?

The umask value is represented in both symbolic and numeric formats.

The symbolic format is represented in the rwx (read-write-execute) format. The leftmost character is for read permissions, the middle character is for write permission, and the rightmost character is for execute permission. For example, if symbolic umask is set to r-- for the owner, then the owner will have only the read permissions on the particular file or directory.

The following describes the octal mode umask values:

• Permission  Octal Value Binary Value Description
• -       0             000          No permission
• -x       1             001          Only execute permissions
• -w-       2             010          Only write permission
• -wx       3       011          Write and execute permissions
• r-       4             100          Only read permissions
• r-x       5             101          Read and execute permissions
• rw-       6             110          Read and write permissions
• rwx       7             111          All permissions- read, write, and execute

What is the Umask Value for Files and Directories ?

Before changing the umask value on your system, you must understand its impact on the default file and folder permissions.

• The default system permissions for files is 666 (rw-rw-rw-) and for directories is 777 (rwxrwxrwx).
• The default mask value is 002. It changes folder permissions to 777-002 = 775 (rwxrwxr-x) and file permissions to 666-002 = 664 (rw-rw-r--).
• The final umask value results by subtracting the default mask value from the default system values (777 and 666).

How to set the Umask Values ?

To set folder permissions for owner, group, and others to read, then we need to set umask to 333:

$ umask 0333

You can also use symbolic values to set umask:

$ umask u=rwx,g=rwx,o=r

Here:

• u sets permission for the user/owner.
• g sets permission for the group.
• o sets permissions for others.

The command only sets the specified file permissions. For example, for others we want to assign only read permissions, so we specify a symbolic value of only read (r).

[Need help in fixing Linux System problems ? We can help you. ]