Chapter 6. Generic issues

Table of Contents
File permissions and UMASK
Setting the Umask

File permissions and UMASK

What is a UMASK?

The umask is the method of automatically defining the default set of permissions a file will have when created or uploaded. you know how unix files have permissions, something like the following: -rwxr-x--- which you will see when doing an "ls -l" in a directory. here's what they mean: -rwxrwxrwx 1234567890 1) For normal files, the 1st character is "-". For directories, it's "d". For symbolic links, it's "l". for other files (devices and FIFOs, see the ls man page) 2,3,4) Read, write and execute permissions for the file's owner. 5,6,7) Read, write and execute permissions for the file's group. 8,9,0) Read, write and execute permission for everyone else. So, lets say that I have a file with these permissions: -r-x------ If I want to change it to -rwxr-xr-x I have to do something like this chmod a+rx file chmod u+w file Do you know how to count in octal? If not, use this cheat, I mean, shortcut: r = 4 w = 2 x = 1 so, read + execute = 4 + 1 = 5, and read + write + execute = 7. so If I did a chmod 755 file I would get -rwxr-xr-x When one does a "chmod xyz file": The x is the file's owner permissions, the y is the file's group permissions, and the z is the files others permissions. This way, one can do a single chmod, and effect ALL the file's permissions at once. As for a umask, this is the REVERSE of the permissions: -rwxr-x--- is 750 The REVERSE of the umask is is 027 (-----w-rwx). I guess you could think of a umask as the permissions to TAKE AWAY from a file. by setting one's umasks to 027 would make it so any file you create, will be created with the permissions 027 REMOVED from the file. Like: -rwxrwxrwx minus -----w-rwx __________________ equals -rwxr-x--- }}What is a umask that will create 775? 002 Want to know how you can tell? 777; where each 7 is equal to rwx, therefore 002 is 775. So, then 775 = -rwxrwxr-x Where the r = 4 the w = 2 and the x = 1 ------ 7 HTH, -Sneex- :] (Note that the leading 0 is assumed -- yes it's octal :)

I've got a quick question.. We've picked proftpd as our best bet at our site and we're trying to configure it. Everything looks great except for one problem. Users can create directories just fine, but they can't change to them once they're created - when the directories are created, they lack the execute bit. We're shooting for permissions of 640 (rw-r-----) for files and 750 (rwxr-x---) for directories. I've been using the Umask configuration directive as shown below: Umask 0137 0027