umask

umask

From Wikipedia, the free encyclopedia

Jump to: navigation, search

umask (abbreviated from user file creation mode mask) is a function in POSIX environments which affects the default file system mode for newly created files and directories of the current process. It controls which of the file permissions will not be set for any newly created file.

The permissions of a file created under a given umask value are calculated using the following bitwise operation (note that umasks are generally specified in octal):

bitwise AND of the unary complement of the argument (using bitwise NOT) and the full access mode.

The changes will take effect during the current session only.

The full access mode is 666 in the case of files, and 777 in the case of directories. Most Unix shells provide a umask command that affects all child processes executed in this shell.

A common umask value is 022 (masking out the write permission for the group and others), which ensures that new files are only writable for the owner (i.e. the user who created them). Another common value is 002, which leaves the write permission for the file's group enabled. This can be used for files in shared workspaces, where several users work with the same files.

[edit] Examples

Assuming the umask has the value 174, any new file will be created with the permissions 602 and any new directory will have permissions 603 because:

6668 AND NOT(1748) = 6028

while

7778 AND NOT(1748) = 6038
7778 = (111 111 111)2
1748 = (001 111 100)2
NOT(001 111 100)2 = (110 000 011)2
(111 111 111)2 AND (110 000 011)2 = (110 000 011)2
     7778           NOT (174)8          (603)8

Doing this in bash:

 $ umask 0174
 $ mkdir foo
 $ touch bar
 $ ls -l
 drw-----wx 2 dave dave 512 Sep  1 20:59 foo
 -rw-----w- 1 dave dave   0 Sep  1 20:59 bar

Using the above mask, octal 1 prevents user execute bit being set, octal 7 prevents all group bits being set, and octal 4 prevents the read bit being set for others.

你可能感兴趣的:(Linux)