topic Re: umask command ... in Operating System - HP-UX

umask command ...

Manuales — Thu, 02 Feb 2006 22:43:42 GMT

Hi, can you tell me how can i use umask command? i mean, i need that every time is generated a file in operating system with touch command or cat command, i need that appear with all the permissions ...

how can i do it?

Thanks, Manuales.

Re: umask command ...

RAC_1 — Thu, 02 Feb 2006 22:59:32 GMT

umask controls the file/dirs perms of a newly created file. With umask, you can not have a file with execute perm. That is by design itself. You can have all other perms but not execute perms.
e.g. umask of 0000 will create a file with rw perms for all.

Basically, the umask value is substracted from 666 for effective perms for files and umask value is subtracted from 777 for effective perms on a dir.

man umask for details.

Re: umask command ...

Manuales — Thu, 02 Feb 2006 23:49:51 GMT

if i want that all files created have all permissions, how do i must writte the umansk command parameters?

umask 0000?
umask 7777?
umask 6666?
umask 5555?

which one?

Thanks, Manuales.

Re: umask command ...

Patrick Wallek — Fri, 03 Feb 2006 00:01:37 GMT

If you set a umask of 000 then files will be created with permissions of 666 (-rw-rw-rw-) and directories with permissions of 777 (drwxrwxrwx).

You CAN NOT force a file to be created with 777 permissions. If you need the execute permission on a file it must be set manually with the chmod command.

Re: umask command ...

Patrick Wallek — Fri, 03 Feb 2006 00:04:40 GMT

I need to add the having files and directories with wide-open permissions is a VERY VERY BAD practice. This allows anyone and everyone logged onto the system to read/modify/remove/whatever the files. Very bad idea for security on a system.

Re: umask command ...

Sivakumar TS — Fri, 03 Feb 2006 01:07:28 GMT

Hi Mauales,

By default you CANNOT CREATE a file with executable permission, by setting the umask value you can make the default permission to "rw" for everyone.

But you can make it executable only by executing

#chmod

manually.

With Regards,

Siva.

Re: umask command ...

Muthukumar_5 — Fri, 03 Feb 2006 01:15:18 GMT

Default mask of umask 000 will create files with permission of 666 and directory as 777.

We have to have executable permission in a directory for browsing or searching. Meantime, file must not have the executable permission. It has to be changed by the user or group or world wide permission for execution.

Use the method of having default umask setting and use chmod command to change mode value.

--
Muthu

Re: umask command ...

Chan 007 — Sat, 04 Feb 2006 12:29:41 GMT

hi Man,

umask can be added in users .profile or /etc/profile.

Def will be 022 on the profile.

Chan

Re: umask command ...

James R. Ferguson — Sat, 04 Feb 2006 13:22:13 GMT

Hi Manuales:

As RAC noted, the manpages for 'umask' offer a reasonable explanation.

A reasonable 'umask' to set in your login profiles is 022, with 027 being a "strong" setting.

Remember that a *directory's* permissions control whether or not a file can be removed. If you have write permissions to a directory, you can remove a file that you own from it.

A directory like '/tmp', however, is often granted read-write-execute permissions for everyone. This is quite reasonable. However, the side-effect of this is that *anyone* can remove *any* file from this directory regardless of who owns it.

To limit non-root users to being able to remove only files they own, set the 'sticky' bit on the directory:

# chmod 1777 /tmp

See also my *last* comments in a similar thread where you asked a related question but closed the thread after asking but before reading:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=998150

Regards!

...JRF...