Information Technology Reference
In-Depth Information
A umask of 022 will remove group and other write permissions for both
newly created directories and files. In the previous example,
file1
is created
with a default mode of 666. Subtracting the umask of 022 results in 644 or
rw-r--r--
. The directory
dir1
is created with a default mode of 777.
Subtracting the umask of 022 results in 755 or
rwxr-xr-x
.
Remember directories
are
created with execution permission (777) and files
are not
created with execution permission (666). Specifying a
umask
that contains execution
permission (values of 1,3, 5 or 7) will only affect directories.
The following code shows the umask command setting the default
file/directory permissions and then creating a file and directory to verify the
default permissions:
# umask 111
# >file2
# mkdir dir2
# ls -l
total 2
drw-rw-rw- 2 root other 512 Jun 30 02:29 dir2
-rw-rw-rw- 1 root other 0 Jun 30 02:29 file2
#
# umask 027
# >file3
# mkdir dir3
# ls -l
total 2
drwxr-x--- 2 root other 512 Jun 30 02:48 dir3
-rw-r----- 1 root other 0 Jun 30 02:48 file3
#
Changing File Permissions
The access mode of existing files and directories can be modified using the
chmod(1)
command. The
chmod
command can use absolute or symbolic
mode.
Absolute mode is straightforward, as shown in the following listing:
# ls -l file1
-rwxrwxrw- 1 ambro other 636 Jul 24 12:39 file1
# chmod 645 file1
# ls -l file1
-rw-r--r-x 1 ambro other 636 Jul 24 12:39 file1
#
When using symbolic mode, the class of system account (user, group, or
other) is defined using the letters
u
,
g
, and
o
. Permissions are added using
the
+
character, whereas permissions are removed using the
-
character.