Detailed explanation of the use principle and calculation method of the umask command under Linux

umask Umask usage

umask sets the default permissions for newly created files and directories.

You can see that the directory created by root is 755 and the file is 644

[root@zaishu zaishu]# touch test.txt
[root@zaishu zaishu]# mkdir test

[root@zaishu zaishu]# ls -l
total 0
drwxr-xr-x 2 root root 6 Nov 25 16:29 test  
-rw-r--r-- 1 root root 0 Nov 25 16:28 test.txt

Normal User

You can see that the directories created by ordinary users are 775 and the files are 664

[mysql@zaishu ~]$ touch test.txt
[mysql@zaishu ~]$ mkdir test
[mysql@zaishu ~]$ ls -l
total 0
drwxrwxr-x 2 mysql mysql 6 Nov 25 16:30 test
-rw-rw-r-- 1 mysql mysql 0 Nov 25 16:30 test.txt

These default permission values ​​are calculated using the umask setting.

principle

Linux uses the umask default permissions to assign initial permissions to all newly created files and directories. So, how do we know the value of the umask default permission? Simply use the umask command:

1. umask value

[root@zaishu ~]# umask
0022

[mysql@zaishu ~]$ umask
0002

#The default value for root user is 0022, and the default value for ordinary user is 0002

The default permissions of umask are indeed composed of 4 octal numbers. The first number represents the special permissions of the file (SetUID, SetGID, Sticky BIT), which is ignored first. The last three digits “022” correspond to ----w–w-.

2. Maximum file directory permissions

In Linux systems, the maximum default permissions for files and directories are different:

For files, the maximum default permission is 666, which is rw-rw-rw-. x is the maximum file permission. It will not be given when a new file is created and can only be granted manually by the user.

For directories, the maximum default permission is 777, that is, rwxrwxrwx.

3. Conventional calculations

The initial permissions for files and directories are calculated as follows:

The initial permissions of a file (or directory) = the maximum default permissions of the file (or directory) - umask permissions

[mysql@zaishu ~]$ umask
0002
[mysql@zaishu ~]$ mkdir test
[mysql@zaishu ~]$ ll -d test
drwxrwxr-x 2 mysql mysql 6 Nov 26 10:50 test // The default permission of the directory can be up to 777, 777-002 = 775

[mysql@zaishu ~]$ touch h.txt
[mysql@zaishu ~]$ ll h.txt 
-rw-rw-r-- 1 mysql mysql 0 Nov 26 10:52 h.txt // Maximum file permissions 666, 666-002 (ordinary user) 666-002 = 664
[root@zaishu ~]# touch h2
[root@zaishu ~]# ls -l h2 
-rw-r--r-- 1 root root 0 Nov 26 10:53 h2 // Maximum file permissions 666, 666-002 (root) 666-022 = 644

4. Rigorous calculation

When calculating the initial permissions for a file or directory, it is not rigorous to directly use the maximum default permissions and the numerical form of the umask permissions for subtraction. For example, if the default permission value of umask is 033, the initial permission of the file is calculated in numerical form, 666-033=633, but if we calculate in alphabetical form, we will get (rw-rw-rw-) - (----wx-wx) = (rw-r–r--), which is 644 in numerical form.

The subtraction here actually means "masking", that is, the part of the maximum default permissions that is common to the umask permissions will be masked through the subtraction operation, and the remaining "maximum default permissions" are the initial permissions finally granted to the file or directory.

Modify the umask value

1. Temporary effect (current session)

The umask permission value can be modified directly:

[root@localhost ~]# umask 002
[root@localhost ~]# umask
0002
[root@localhost ~]# umask 033
[root@localhost ~]# umask
0033

The umask modified in this way is only temporary and will become invalid once the system is restarted or re-logged in.

2. Permanent effect

To make the changes permanent, you need to modify the corresponding environment variable configuration file /etc/profile.

[root@zaishu~]# vim /etc/profile
...some parts omitted...
if [ $UID -gt 199]&&[ "'id -gn'" = "'id -un'" ]; then
    umask 002
    #If the UID is greater than 199 (ordinary user), use this umask value else
    umask 022
    #If UID is less than 199 (super user), use this umask value fi

Summarize

This is the end of this article about the usage principle and calculation method of the umask command under Linux. For more information about the detailed explanation of the umask command under Linux, please search for previous articles on 123WORDPRESS.COM or continue to browse the related articles below. I hope everyone will support 123WORDPRESS.COM in the future!