umask : Generalities & practical examples

bash shell


This post is a quick summary of the umask command and concept.

The umask (UNIX shorthand for “user file-creation mode mask”) is a four-digit octal number that UNIX uses to determine the file permission for newly created files. Every process has its own umask, inherited from its parent process.

Beside the concept stands the command: The umask command is used to specify (or print when called without parameters) permissions on newly created file(s) and dir(s).



1 Generalities

The umask specifies the permissions you do not want given by default to newly created files and directories. umask works by doing a bitwise AND with the bitwise complement of the umask. Bits that are set in the umask correspond to permissions that are not automatically assigned to newly created files.

When a file or directory is to be created the system is looking for a umask value (go here for the file(s) where the umask is defined). In a bash environment “0666” is used as “files base permissions” and “0777”  as “directories base permissions”  those are the values on which are applied the AND operations.

A given umask value will set default file and/or directory permissions as:

  • For a file (0666 used as octal base)
    0666 – <umask_value> = permissions
    e.g : 0666 – 0022 = 0644
  • For a directory (0777 used as octal base)
    0777 – <umask_value> = permissions
    g : 0777 – 0022 = 0755


1.1 Examples

  • Default umask on linux box is “022” which result in:
    0644 / -rw-r--r -- # permissions for a new file
    0755 / drwxr-xr-x # permissions for a new dir
  • Another example, for a umask value equal to “002“, this would result in the following permissions:
    0664 / -rw-rw-r-- # permissions for a new file
    0775 / drwxrwxr-x # permissions for a new dir


2 umask syntax

  • print the umask for the current user (default is octal mode)
    umask # gives: 0022
  • print the umask for the current user in symbolic mode
    umask -S # gives: u=rwx,g=rx,o=rx
  • print the umask for the current user in a directly usable form
    umask -p # gives: umask 0022
  • Set the umask for the current user
    umask 0011


3 Where the heck is defined the user’s and/or system-wide umask ?

  • User‘s umask are defined in the .login, .bashrc or .bash_profile (see this post for the differences between those last 2 files) files, located in their $HOME dir.
  • System-wide umask is defined in the same files from /etc

As for most configuration files that exist in system-wide AND user specific version, the user specific override the system-wide setup.


4 Common umask values

 umask  User Access   Group Access     Other
0000 all all all
0002 all all read, execute
0007 all all none
0022 all read, execute read, execute
0027 all read, execute none
0077 all none none
Tagged on: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

This site supports SyntaxHighlighter via WP SyntaxHighlighter. It can highlight your code.
How to highlight your code: Paste your code in the comment form, select it and then click the language link button below. This will wrap your code in a <pre> tag and format it when submitted.