umask Command
The umask (user file-creation mode mask) command in Linux is used to set the default file permissions for newly created files and directories. It specifies which permission bits are to be cleared (masked) from the maximum possible permissions (666 for files, 777 for directories) when a new file or directory is created.
Syntax
Description
The umask command is a shell built-in that affects the permissions of files and directories created by the current user. The umask value is a three-digit octal number that represents the permissions that are *removed* from the default permissions. For files, the default is 666 (rw-rw-rw-), and for directories, it's 777 (rwxrwxrwx).
Common uses include:
- Setting default permissions for new files and directories
- Enhancing security by restricting default access
- Ensuring consistent permissions across a user's session
- Understanding how file permissions are derived
Common Options
| Option | Description |
|---|---|
-p |
If the mode argument is omitted, the current umask is printed in a form that can be reused as input. |
-S |
If the mode argument is omitted, the current umask is printed in symbolic form. |
Examples
Check current umask
Displays the current umask value in octal notation (e.g., 0022).
Check current umask in symbolic mode
Displays the current umask value in symbolic mode (e.g., u=rwx,g=rx,o=rx).
Set umask to 002
Sets the umask to 002. New files will have 664 (rw-rw-r--) and new directories 775 (rwxrwxr-x) permissions.
Set umask to 077
Sets the umask to 077. New files will have 600 (rw-------) and new directories 700 (rwx------) permissions, restricting access to the owner only.
Create a file and observe permissions
touch newfile.txt
ls -l newfile.txt
Sets umask to 022, creates a file, and then lists its permissions to demonstrate the effect.