Solved

basic umask and /etc/fstab question

Posted on 2004-11-08
Last Modified: 2008-01-09
Hello all,

I have about 2 years of Linux experience, but I haven't had a reason to learn about umask until just recently.
I am working on a RedHat 2.1 Advanced Server box.
I am trying to set up a non-root user for routine system maintenance, and I need new files created on the box to allow full permissions to both root and members of the file's group.

# umask
# 022
# >newfile
# ll -ha newfile
# rw-r--r-- newfile .... etc....

The output above is what I get normally.
Now, I changed the umask manually and tested it like this:

# umask 002
# 002
# >newfile-afterchange
# ll -ha newfile-afterchange
# rw-rw-r-- newfile-afterchange .... etc....

Now... this is perfect; however, I'm not exactly sure I'm doing this correctly because I sometimes see umask formats as three digits and sometimes as four? i.e. 022 or 0022

1. Is there a difference in format? And, if so, what is it?

Secondly, I attempted, on a test server, to set up the umask in fstab in order to persist between reboots.
My root partition had the options field in the /etc/fstab file set to "defaults" before the change.
I changed the options field by deleting the "defaults" option and adding the following:

umask=0002

I rebooted and now it thinks the FS is read-only... so....

2. How do I correctly set up fstab to mount my root partition with the desired umask of 0002?

And...

3. How can I fix the test server and get it working again?? And, is there something I'm missing about umask in general? I thought it was just something to set the file permissions on newly created files but it seems to be causing strange errors....

Thank you very much in advance!

-t
Question by:NorCal1876
7 Comments
 
LVL 16

Assisted Solution

by:xDamox
xDamox earned 160 total points
ID: 12523820
Now on slackware you will get "0022", First ignore the first 0. Now we have 022.
The first 0 makes sure the owner has ALL the permissions of a file. You can tell
that because you have no permissions you want to turn off. Now the next two numbers
you have a 2 for. The 2 indicates that you NEVER want to set write permissions.

Now that method above of trying to find a umask is a bit confusing. All you do is
set the number what you DON'T want the user to have. Now there is an easier way of
finding out a umask. You can subtract the permission from 777. Example

777 - 750 = 027

That is the umask of the 750 permission
 

Author Comment

by:NorCal1876
ID: 12523845
Okay, so do you have any idea why after setting the umask in fstab, it mounted my filesystem as read-only?

What does "defaults" imply in the /etc/fstab file?

Thanks!

-t
 
LVL 4

Accepted Solution

by:EinarTh
EinarTh earned 480 total points
ID: 12524840
1) I think the first zero is for special bits, e.g. the sticky bit, just like you sometimes see file permissions written as e.g. 0755 or 4711 (setuid bit). When you're dealing with normal files and only care about permission bits, you skip the leading zero.

2) I've never heard that you can or should mount filesystems with a umask... could very well be wrong tho... Not sure if I understand correctly what you're trying to do, but if you are setting up a normal user, with some administrative rights, I think the wheel group (as per bsd conventions) and the sudo program, along with a correct umask _for the user_ and directory permissions) should do the trick... If you'd care to elaborate on the goals, I might be able to help more.

3) download and burn knoppix iso (http://www.knoppix.org)
Boot with it, mount the root filesystem somewhere, edit /mntpoint/etc/fstab & reboot without knoppix cd.

cheers.

 
LVL 4

Expert Comment

by:NorCal2612
ID: 12524926
1) Ah okay thanks.

2) Well, if I manually set the umask to 002, files created have the correct permissions; however, after reboot, the umask returns to the default value of 022.

The scenario is as follows:

the /usr/interbase/databases directory - owned by root, admin group, has the setgid bit set, permissions 775

All files in the /usr/interbase/databases directory are owned by root, admin group, with permissions 664

my new user is a member of the admin group

I need all new files created in this directory to have 664 permissions... with the default umask of 022, new files are created with 644 permissions

Does this clarify things at all??

Thanks for the help!

 
LVL 40

Assisted Solution

by:jlevie
jlevie earned 320 total points
ID: 12526475
Typically umask=0 in an fstab entry will be accompanied by a user option. That allows an ordinary user to mount a resource and that user, not root, then owns the mounted data.

To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.

In this case you'll probably also want to set umask=002 in the shell that starts the database (probably a script in /etc/init.d).
0
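
The umask behaviour discussed in the answers above (the digit arithmetic in xDamox's post and the per-shell setting in jlevie's), as an added example that is not part of any post. It creates a file and a directory under each umask mentioned in the thread and reports the modes the kernel leaves after clearing the umask bits from the requested mode; the function names are made up for this example.

```shell
#!/bin/sh
# Added example (not from the thread): resulting modes for a given umask.

# Octal permission bits of a path (GNU stat first, BSD stat as fallback).
octal_mode() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Print "<file-mode> <dir-mode>" for objects created under umask $1.
# The body runs in a subshell, so the caller's umask is left untouched:
# umask is a per-process setting inherited by child processes, which is
# why it is set in a login script or in the script that starts a service.
modes_under_umask() (
    work=$(mktemp -d) || exit 1
    chmod g-s "$work"            # ignore a setgid bit inherited from TMPDIR
    umask "$1"
    : > "$work/newfile"          # the shell requests 0666 for a new file
    mkdir "$work/newdir"         # mkdir requests 0777 for a new directory
    result="$(octal_mode "$work/newfile") $(octal_mode "$work/newdir")"
    rm -rf "$work"
    echo "$result"
)

# Values taken from the thread: the default, the asker's target, xDamox's 027.
for mask in 022 002 027; do
    echo "umask $mask -> $(modes_under_umask "$mask")"
done
```

With 027 the directory comes out as 750 but the file as 640, because a new file starts from 666 rather than 777.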
 

Author Comment

by:NorCal1876
ID: 12526661
>> To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.

Brilliant!!

Alright guys, thanks! :P
 
LVL 3

Expert Comment

by:dbacalja
ID: 12526959
As EinarTh already pointed out - first number in 4-digit umask is for special bits.

As for the read-only filesystem - the defaults parameter tells mount to use the following parameters: rw, suid, dev, exec, auto, nouser and async. Since you deleted the defaults parameter, you removed rw parameter as well. That's why your FS is read only.

Furthermore, you said you try to set umask parameter for your root filesystem. I guess your filesystem is something like ext2/ext3. AFAIK umask parameter is not supported on ext2/ext3 filesystem (check 'man mount'). Check dmesg or /var/log/messages. You'll probably find something like:
...
EXT3-fs: Unrecognized mount option umask
...

P.S.
If I'm wrong and umask is supported on ext2/ext3 filesystem, then just re-add defaults to your /etc/fstab entry and you should have no problem!
0
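
A check for the fstab mistake discussed in this thread, as an added example that is not part of any post: it scans an fstab-format file for `umask=` on ext2/ext3 entries, the option dbacalja's post says those filesystems reject, and prints the options field with it removed. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag umask= on ext2/ext3 fstab entries.

# Constructed sample entries; the first mirrors the asker's edited root line.
sample_fstab() {
    cat <<'EOF'
# device     mountpoint  type  options               dump pass
LABEL=/      /           ext3  umask=0002            1 1
LABEL=/boot  /boot       ext3  defaults              1 2
/dev/sda5    /data       ext3  rw,noatime,umask=002  1 2
/dev/sdb1    /mnt/usb    vfat  user,umask=0          0 0
EOF
}

# Report each ext2/ext3 entry in file $1 that carries umask=, together with
# the options left once it is dropped ("defaults" if nothing remains).
# Exit status is 1 when at least one entry was flagged, 0 otherwise.
audit_fstab() {
    awk '
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        ($3 == "ext2" || $3 == "ext3") && $4 ~ /(^|,)umask=/ {
            n = split($4, opt, ","); keep = ""
            for (i = 1; i <= n; i++)
                if (opt[i] !~ /^umask=/)
                    keep = keep (keep == "" ? "" : ",") opt[i]
            if (keep == "") keep = "defaults"
            printf "%s: %s does not accept umask=; use options \"%s\"\n", $2, $3, keep
            bad++
        }
        END { exit (bad > 0) }
    ' "$1"
}

# Run against the constructed sample; pass /etc/fstab to check a real host.
tmp=$(mktemp)
sample_fstab > "$tmp"
audit_fstab "$tmp" || true
rm -f "$tmp"
```

The vfat entry is left alone, since `umask=` is a valid mount option there.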
