umask decides the default permissions when you create:
- New files
- New directories
It removes permissions from Linux defaults.
Simple meaning:
Default permission = System default - umask
Check Current umask
Run:
umask
Example:
0022
Linux Default Permissions
Before umask, Linux starts with:
| Type | Default |
|---|---|
| File | 666 |
| Directory | 777 |
Why files are 666:
- read + write
- no execute by default
Why directories are 777:
- read + write + execute
Example: umask 022
File:
666 - 022 = 644
Result:
- rw-r--r--
Directory:
777 - 022 = 755
Result:
drwxr-xr-x
Example in Terminal
Check:
umask
Create file:
touch notes.txt
ls -l notes.txt
Result:
- rw-r--r--
Create folder:
mkdir project
ls -ld project
Result:
drwxr-xr-x
Common umask Values
| umask | File | Directory | Use |
|---|---|---|---|
| 022 | 644 | 755 | most Linux systems |
| 002 | 664 | 775 | team/shared servers |
| 077 | 600 | 700 | private/secure |
Example: 002
Set:
umask 002
Create file:
touch app.txt
Result:
- rw-rw-r--
Good for team collaboration.
Example: 077
Set:
umask 077
Create:
touch secret.txt
Result:
- rw-------
Only owner can access.
Temporary Change
umask 027
Works for current shell only.
Open new terminal = old value returns.
Permanent Change
Bash:
nano ~/.bashrc
Add:
umask 022
Reload:
source ~/.bashrc
System-wide:
/etc/profile
Real-World Examples
Web server
Use:
umask 022
Files readable by web server.
Shared DevOps team
Use:
umask 002
Team can edit files.
Private SSH/security
Use:
umask 077
For sensitive files.
Useful Commands
Check:
umask
Set:
umask 022
Test:
touch demo.txt
ls -l
Top comments (0)