Understanding UMASK value in Linux

Share It!

UMASK (User Mask) is the default permission given when another file or directory is created on a Linux machine. At the point when user create a file or directory under Linux or UNIX, It create with a default set of permissions.Most of the Linux distros give 022 (0022) as default UMASK. In other words, it is a system default permissions for newly created files/folders in the machine.

  • The minimum and maximum UMASK value for a folder is 000 and 777
  • The minimum and maximum UMASK value for a file is 000 and 666
  • Default umask:

    Umask value is set for different reason with different value like files, directories, home directory for any user. The user file creation mode mask (umask) is use to decide the file permission for recently created files. It can be used to control the default file permission for new files. The default umask value 002 used for normal users and umask value 022 used for root user.

    Explain Octal umask Mode

    As I said before, if the default settings are not changed, file are created with the access mode 666 and directories with 777.

  • The default umask 002 used for normal user. With this mask directory permissions are 775 and file permissions are 664.
  • The default umask 022 used for the root user. With this mask directory permissions are 755 and default file permissions are 644.
    umask Octal Value File Permissions Directory Permissions
    0 rw- rwx
    1 rw- rw-
    2 r– r-x
    3 r– r–
    4 -w- -wx
    5 -w- -w-
    6 –x –x
    7 — (none) — (none)

    Check UMASK Value

    To check the umask value run the following command.

    # umask

    Change UMASK Value for New User

    For CentOS/RHEL
    The UMASK value can be set on /etc/profile file for all new users.

    # vim /etc/profile

    Find below lines and replace the values:

    if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
        umask 002
        umask 022

    For Ubuntu/Debain

    # vim /etc/pam.d/common-session
    # vim /etc/pam.d/common-session-noninteractive 

    Find below lines in both files:

    session    optional     pam_umask.so

    Changed the value as below:

    session    optional     pam_umask.so umask=0023

    Change UMASK Value for Existing User

    For existing users you can edit ~/.bashrc file in their home directory.

    # vim ~/.bashrc

    Add below line at the end of file:

    umask 033

    Change UMASK Value Temporary

    If you change the umask temporary then when system will reboot value will be change and set default value. To change the umask temporary run the following command:

    # umask 033

    Enjoy it!

  • Leave a Reply

    Your email address will not be published.