basic umask and /etc/fstab question

Hello all,

I have about 2 years of Linux experience, but I haven't had a reason to learn about umask until just recently.
I am working on a RedHat 2.1 Advanced Server box.
I am trying to set up a non-root user for routine system maintenance, and I need new files created on the box to allow full permissions to both root and members of the file's group.

# umask
# 022
# >newfile
# ll -ha newfile
# rw-r--r-- newfile .... etc....

The output above is what I get normally.
Now, I changed the umask manually and tested it like this:

# umask 002
# 002
# >newfile-afterchange
# ll -ha newfile-afterchange
# rw-rw-r-- newfile-afterchange .... etc....

Now... this is perfect; however, I'm not exactly sure I'm doing this correctly because I sometimes see umask formats as three digits and sometimes as four? i.e. 022 or 0022

1. Is there a difference in format? And, if so, what is it?

Secondly, I attempted, on a test server, to set up the umask in fstab in order to persist between reboots.
My root partition had the options field in the /etc/fstab file set to "defaults" before the change.
I changed the options field by deleting the "defaults" option and adding the following:

umask=0002

I rebooted and now it thinks the FS is read-only... so....

2. How do I correctly set up fstab to mount my root partition with the desired umask of 0002?

And...

3. How can I fix the test server and get it working again?? And, is there something I'm missing about umask in general? I thought it was just something to set the file permissions on newly created files but it seems to be causing strange errors....

Thank you very much in advance!

-t
NorCal1876Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

xDamoxCommented:
Now on slackware you will get "0022", First ignore the first 0. Now we have 022.
The first 0 makes sure the owner has ALL the permissions of a file. You can tell
that becuase you have no permissions you want to turn off. Now the next two numbers
you have a 2 for. The 2 indicates that you NEVER want to set write permissions.

Now that method above of trying to find a umask is a bit confusing. All you do is
set the number what you DONT want the user to have. Now there is an easier way of
finding out a umask. You can subtract the permission from 777. Example

777 - 750 = 027

That is the umask of the 750 permission
0
NorCal1876Author Commented:
Okay, so do you have any idea why after setting the umask in fstab, it mounted my filesystem as read-only?

What does "defaults" imply in the /etc/fstab file?

Thanks!

-t
0
EinarThCommented:
1) I think the first zero is for special bits, e.g. the sticky bit, just like you sometimes see file permissions written as e.g. 0755 or 4711 (setuid bit). When you're dealing with normal files and only care about permission bits, you skip the leading zero.

2) I've never heard that you can or should mount filesystems with a umask... could very well be wrong tho... Not sure if I understand correctly what you're trying to do, but if you are setting up a normal user, with some administrative rights, I think the wheel group (as per bsd conventions) and the sudo program, along with a correct umask _for the user_ and directory permissions) should do the trick... If you'd care to elaborate on the goals, I might be able to help more.

3) download and burn knoppix iso (http://www.knoppix.org)
Boot with it, mount the root filesystem somewhere, edit /mntpoint/etc/fstab & reboot without knoppix cd.

cheers.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

NorCal2612Commented:
1) Ah okay thanks.

2) Well, if I manually set the umask to 002, files created have the correct permissions; however, after reboot, the umask returns to the default value of 022.

The scenario is as follows:

the /usr/interbase/databases directory - owned by root, admin group, has the setguid bit set, permissions 775

All files in the /usr/interbase/databases directory are owned by root, admin group, with permissions 664

my new user is a member of the admin group

I need all new files created in this directory to have 664 permissions... with the default umask of 022, new files are created with 644 permissions

Does this clarify things at all??

Thanks for the help!

0
jlevieCommented:
Typically umask=0 in an fstab entry will be accompanied by a user option. That allows an ordinary user to mount a resource and that user, not root, then owns the mounted data.

To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.

In this case you'll probably also want to set umask=002 in the shell that starts the database (probably a script in /etc/init.d).
0
NorCal1876Author Commented:
>> To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.

Brilliant!!

Alright guys, thanks! :P
0
dbacaljaCommented:
As EinarTh already pointed out - first number in 4-digit umask is for special bits.

As for the read-only filesystem - defaults parameter says mount to use the following parameters: rw, suid, dev, exec, auto, nouser and async. Since you deleted the defaults parameter, you removed rw parameter as well. That's why your FS is read only.

Furthermore, you said you try to set umask parameter for your root filesystem. I guess your filesystem is something like ext2/ext3. AFAIK umask parameter is not supported on ext2/ext3 filesystem (check 'man mount'). Check dmesg or /var/log/messages. You'll probably find something like:
...
EXT3-fs: Unrecognized mount option umask
...

P.S.
If I'm wrong and umask is supported on ext2/ext3 filesystem, then just readd defaults to your /etc/fstab entry and you should have no problem!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.