HPE Community
Operating System - HP-UX
1826372 Members
4048 Online
109692 Solutions
New Discussion

Re: umask command ...

 
SOLVED
Go to solution
Manuales
Super Advisor

‎02-02-2006 02:43 PM

‎02-02-2006 02:43 PM

umask command ...

Hi, can you tell me how can i use umask command? i mean, i need that every time is generated a file in operating system with touch command or cat command, i need that appear with all the permissions ...

how can i do it?

Thanks, Manuales.
0 Kudos
Reply
8 REPLIES 8
RAC_1
Honored Contributor

‎02-02-2006 02:59 PM

‎02-02-2006 02:59 PM

Solution

Re: umask command ...

umask controls the file/dirs perms of a newly created file. With umask, you can not have a file with execute perm. That is by design itself. You can have all other perms but not execute perms.
e.g. umask of 0000 will create a file with rw perms for all.

Basically, the umask value is substracted from 666 for effective perms for files and umask value is subtracted from 777 for effective perms on a dir.

man umask for details.
There is no substitute to HARDWORK
Reply
Manuales
Super Advisor

‎02-02-2006 03:49 PM

‎02-02-2006 03:49 PM

Re: umask command ...

if i want that all files created have all permissions, how do i must writte the umansk command parameters?

umask 0000?
umask 7777?
umask 6666?
umask 5555?

which one?

Thanks, Manuales.
0 Kudos
Reply
Patrick Wallek
Honored Contributor

‎02-02-2006 04:01 PM

‎02-02-2006 04:01 PM

Re: umask command ...

If you set a umask of 000 then files will be created with permissions of 666 (-rw-rw-rw-) and directories with permissions of 777 (drwxrwxrwx).

You CAN NOT force a file to be created with 777 permissions. If you need the execute permission on a file it must be set manually with the chmod command.
Reply
Patrick Wallek
Honored Contributor

‎02-02-2006 04:04 PM

‎02-02-2006 04:04 PM

Re: umask command ...

I need to add the having files and directories with wide-open permissions is a VERY VERY BAD practice. This allows anyone and everyone logged onto the system to read/modify/remove/whatever the files. Very bad idea for security on a system.
Reply
Sivakumar TS
Honored Contributor

‎02-02-2006 05:07 PM

‎02-02-2006 05:07 PM

Re: umask command ...


Hi Mauales,

By default you CANNOT CREATE a file with executable permission, by setting the umask value you can make the default permission to "rw" for everyone.

But you can make it executable only by executing

#chmod

manually.

With Regards,

Siva.
Nothing is Impossible !
Reply
Muthukumar_5
Honored Contributor

‎02-02-2006 05:15 PM

‎02-02-2006 05:15 PM

Re: umask command ...

Default mask of umask 000 will create files with permission of 666 and directory as 777.

We have to have executable permission in a directory for browsing or searching. Meantime, file must not have the executable permission. It has to be changed by the user or group or world wide permission for execution.

Use the method of having default umask setting and use chmod command to change mode value.

--
Muthu
Easy to suggest when don't know about the problem!
Reply
Chan 007
Honored Contributor

‎02-04-2006 04:29 AM

‎02-04-2006 04:29 AM

Re: umask command ...

hi Man,

umask can be added in users .profile or /etc/profile.

Def will be 022 on the profile.


Chan
Reply
James R. Ferguson
Acclaimed Contributor

‎02-04-2006 05:22 AM

‎02-04-2006 05:22 AM

Re: umask command ...

Hi Manuales:

As RAC noted, the manpages for 'umask' offer a reasonable explanation.

A reasonable 'umask' to set in your login profiles is 022, with 027 being a "strong" setting.

Remember that a *directory's* permissions control whether or not a file can be removed. If you have write permissions to a directory, you can remove a file that you own from it.

A directory like '/tmp', however, is often granted read-write-execute permissions for everyone. This is quite reasonable. However, the side-effect of this is that *anyone* can remove *any* file from this directory regardless of who owns it.

To limit non-root users to being able to remove only files they own, set the 'sticky' bit on the directory:

# chmod 1777 /tmp

See also my *last* comments in a similar thread where you asked a related question but closed the thread after asking but before reading:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=998150

Regards!

...JRF...

Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.