Theumaskcommand in Linux is used to set or display the default file creation permissions (called the “user file-creation mask”) for new files and directories. When a new file or directory is created, the umask value is subtracted from the system’s default permission settings to determine the final permissions assigned to the file or directory.
By default, files are typically created with666permissions (read and write for everyone), and directories are created with777permissions (read, write, and execute for everyone). Theumaskcommand sets a mask that restricts these default permissions.
Basic Syntax:umask [MASK]
[MASK]: The permission mask to apply (as an octal value).
Without any arguments,umaskdisplays the current mask.
HowumaskWorks
- Permissions for files: Files cannot have execute permissions by default. The default permission for files is
666(read and write for all). - Permissions for directories: Directories can have execute permissions. The default permission for directories is
777(read, write, and execute for all).
The umask value is subtracted from these defaults to calculate the actual permissions of the new file or directory.
Commonly Used Values
- 002: Allows read and write for the owner and group, and read for others (
775for directories,664for files). - 022: Allows read and write for the owner, read for the group and others (
755for directories,644for files). - 077: Allows full permissions for the owner, no permissions for the group and others (
700for directories,600for files).
umaskCommand Cheat Sheet
| Option | Description | Example |
|---|---|---|
umask | Displays the currentumaskvalue in octal notation | umask |
umask -S | Displays the currentumaskvalue in symbolic (human-readable) notation | umask -S |
umask [MASK] | Sets theumaskvalue to the specified mask | umask 022 |
umask 077 | Restricts permissions to only the owner (no access for group and others) | umask 077 |
Examples of Default File and Directory Permissions withumask
| umaskValue | File Permission | Directory Permission | Description |
|---|---|---|---|
| 022 | -rw-r--r--(644) | drwxr-xr-x(755) | Owner can read/write, group and others read only |
| 002 | -rw-rw-r--(664) | drwxrwxr-x(775) | Owner and group can read/write, others read only |
| 077 | -rw-------(600) | drwx------(700) | Only the owner has full permissions |
Conclusion
Theumaskcommand is an essential tool for managing default file and directory permissions in Linux. By controlling theumask, you ensure that newly created files and directories have the appropriate permissions for your security and access control requirements. Understanding how to set and checkumaskvalues helps system administrators maintain security while facilitating user and group collaboration.
如何实现基于Netty的WebSocket服务器?)
)