Data Networking Blog
Blog for Admins

Linux File System Permissions – umask


In the previous post Linux File System Permissions – Basics we learned about the basic permissions on files and folders. How does the system know what are the default permissions when you create a file/folder?

Let’s create a new file as an ordinary user.

So, I added a file called examplefile as user anna. The file created, by default, has read+write for the owner, read+write for the group and only read for everyone else. But how did the system decide on those permissions? Well, it is done using the umask or the user file creation mask. Every user account has a default umask value which you can see by typing umask on command line and for user anna it is 0002 as shown below:

Well, it might still not make any sense what does 0002 have to do with the permissions we saw earlier?

The way this works is that a file has a default mask of 666 and folders have a default of 777 so when a file or folder is created, system does a NOT operation on the default values so in this case, since it was a file we created, system will do a NOT operation on values 666 and the user’s umask value 002 (ignore the first 0) and the result is 664 which is exactly what we saw earlier. Let’s create a folder and see if the results match

So, remember the default for a directory is 777 and the umask for anna is 002 and the result should be 775 which translates to Read+Write+Execute for owner and group and Read+Execute for everyone else and so the calculations are correct.

You can change the default umask value for a user by editing the .bash_profile file in the user’s home directory. Let’s add a umask 0046

After making these changes you will have to logout and log back in as the same user. Now create another file called examplefile2 as the same user and see the permissions.

So, this time the permissions are Read+Write for user, Write for Group and no permissions for others. How? Remember 666 is the default for files and we changed user anna’s umask to 046 which gives us 620. Try the same with a folder. Create a folder called testdirectory2 and check permissions.

Again, remember the default for folders is 777 and umask for anna is 046 and the result is 731. And that is how the umask works.

June 29, 2017 Linux, RHCSA, Uncategorised Jd
Font Size
Decrease Size Default Size Increase Size
Select Skin
Select Underlay Background
Select Overlay Background
Scheme Switcher Toggle