Understanding UMASK value in Linux

What is umask value?

In computing, umask is a command that determines the default permission to be set on any file or directory is created. It also refers to a function that sets the mask, and to the mask itself, which is formally known as the file mode creation mask.

 

What is default umask value?

Now this question can be tricky or simple depending on the interviewer/person asking the question. Umask value is set for different purpose with different value like files, directories, home directory for any user.

So, answering individually each question

Default umask value for creating new directory is 0022 i.e. 0755
Default umask value for creating new file is 0022 i.e. 0644
Default umask value for using useradd command is 0002 i.e. 0700

 

How umask value is calculated?

To understand the umask value you need to be very clear with the permission concept used in Linux/Unix. Now here I will be very brief explaining the permission part as that would divert me with the original topic.

The Octal notation for permission in Linux/Unix

Octal Value Permission
0 No Permission
1 Execute only
2 Write only
3 Write and execute
4 Read only
5 Read and execute
6 Read and write
 7 Full permission

Now you don't need to memorize the above chart. The permission is calculated using binary digits as shown below

Binary Octal Value Permission
20 1 Execute Only
21 2 Write only
22 4 Read only

Using the above chart you can get the value of 0-7 octal permission

 

Coming back to calculate umask value.
Full permission for any directory is considered 777 and 666 for any file which acts as the base permission for calculation umask value for directory and file respectively.

To give a default permission of 755 to every directory to be created
777 - 755 = 022

So the umask value to be set will 022 for getting a default permission of 755

 

Let us take another example
To give a default permission of 700 to every directory to be created
777 - 700 = 077

So the umask value to be set will 077 for getting a default permission of 700

 

How to view default umask value?

Use the below command to view umask value in octal mode

# umask
0022

To view umask value in symbolic mode

# umask -S
u=rwx,g=rx,o=rx

 

Why does the default umask value contains 4 digits?

The first digit in 0022 defines the special permission value. In case you want to set any special permission to every file/directory to be created then you can define the value accordingly.

For understanding all the special permission and their value follow the below link
Understanding Special Permission SGID in Linux
Understanding Special Permission SUID in Linux
Understanding Special Permission Sticky Bit in Linux

 

How to set default value of umask ?

You can set the default umask value temporarily or permanently as per your requirement.

To temporarily set the umask value run the below command on your terminal

# umask new_umask_value
# umask 0077

You can verify the same using umask command

To permanently set the umask value for files/directory creation
Add the umask value to be set inside ~/.bashrc or ~/.bash_profile as every time you login the above files are executed updating the new umask value.

To understand the difference between .bashrc and .bash_profile file follow the below link
How to set environment (PATH) variable permanently in Linux

IMPORTANT NOTE:

But if you execute useradd command the home directory created has 700 as default permission which means it doesnot takes the umask value defined locally. For useradd command umask value is set differently inside /etc/login.defs
# less /etc/login.defs
# The permission mask is initialized to this value. If not specified,
# the permission mask will be initialized to 022.
UMASK           077

As you can see above the default umask value for creating home directory for any user is 077.

Leave a Comment