How do I set the default file and directory permissions?
Author: Deron Eriksson
Description: This tutorial demonstrates how to use umask to set the default file and directory permissions.
Tutorial created using: CentOS release 4.6
The default file and directory permissions that are set when you create files and directories can be set using the umask command.
In terms of UNIX file permissions, read has a value of 4, write has a value of 2, and execute has a value of 1. When displaying a long listing of files and directories, there are ten characters at the beginning of each line. The first character describes the file/directory type ("-" is file, "d" is directory, etc). The next 3 characters are the permissions for the user that owns the file ("rwx" signifies read, write, execute; "r--" signifies read but not write or execute; etc.). The next 3 characters are the permissions for the group that owns the file. The last 3 characters are for the permissions that others have for the file/directory.
If you run umask, you can see your current umask setting. What happens is that this set of numbers is subtracted from the default permissions value for files and directories.
The default directory permissions are 777. The default file permissions are 666. Thus, if you have a umask value of 002 (or 0002), you end up with 775 directory permissions and 664 file permissions. The 775 number means "read,write,execute" for the user, "read,write,execute" for the group, and "read,execute" for others. The 664 number means "read,write" for the user, "read,write" for the group, and "read" for others.
As an example, first I call "umask" which displays the default umask value, 0002. Next, I create a file (using touch) and a directory (using mkdir). After this, we can see that the file permissions are "rw-rw-r--" (664) and the directory permissions are "rwxrwxr-x" (775). Then I change the umask value to 044 and create another file and another directory. After doing this, we can see that the second file's permissions are "rw--w--w-" (622) and that the second directory's permissions are "rwx-wx-wx" (733).
If you'd like to set a default umask value for each time you log on to your account, you can do this in your .bashrc file in your home directory.
After setting the umask to 777 in .bashrc, I log off and log back on. Now, if I create a new file (myfile3) and a new directory (mydir3), we can see that the default file permissions are "---------" (000) and the default directory permissions are "---------" (000).
If you'd like to set the default umask settings for all users, you can do this in the /etc/bashrc file. Here, we can see the normal user default is 002, and the root user default is 022. Users can override this by updating their .bashrc files with a different umask setting.