basic umask and /etc/fstab question

Posted on 2004-11-08
Last Modified: 2008-01-09
Hello all,

I have about 2 years of Linux experience, but I haven't had a reason to learn about umask until just recently.
I am working on a RedHat 2.1 Advanced Server box.
I am trying to set up a non-root user for routine system maintenance, and I need new files created on the box to allow full permissions to both root and members of the file's group.

# umask
# 022
# >newfile
# ll -ha newfile
# rw-r--r-- newfile .... etc....

The output above is what I get normally.
Now, I changed the umask manually and tested it like this:

# umask 002
# 002
# >newfile-afterchange
# ll -ha newfile-afterchange
# rw-rw-r-- newfile-afterchange .... etc....

Now... this is perfect; however, I'm not exactly sure I'm doing this correctly because I sometimes see umask formats as three digits and sometimes as four? i.e. 022 or 0022

1. Is there a difference in format? And, if so, what is it?

Secondly, I attempted, on a test server, to set up the umask in fstab in order to persist between reboots.
My root partition had the options field in the /etc/fstab file set to "defaults" before the change.
I changed the options field by deleting the "defaults" option and adding the following:


I rebooted and now it thinks the FS is read-only... so....

2. How do I correctly set up fstab to mount my root partition with the desired umask of 0002?


3. How can I fix the test server and get it working again?? And, is there something I'm missing about umask in general? I thought it was just something to set the file permissions on newly created files but it seems to be causing strange errors....

Thank you very much in advance!

Question by:NorCal1876
    LVL 16

    Assisted Solution

    Now on slackware you will get "0022", First ignore the first 0. Now we have 022.
    The first 0 makes sure the owner has ALL the permissions of a file. You can tell
    that because you have no permissions you want to turn off. Now the next two numbers
    you have a 2 for. The 2 indicates that you NEVER want to set write permissions.

    Now that method above of trying to find a umask is a bit confusing. All you do is
    set the number what you DON'T want the user to have. Now there is an easier way of
    finding out a umask. You can subtract the permission from 777. Example

    777 - 750 = 027

    That is the umask of the 750 permission

    Author Comment

    Okay, so do you have any idea why after setting the umask in fstab, it mounted my filesystem as read-only?

    What does "defaults" imply in the /etc/fstab file?


    LVL 4

    Accepted Solution

    1) I think the first zero is for special bits, e.g. the sticky bit, just like you sometimes see file permissions written as e.g. 0755 or 4711 (setuid bit). When you're dealing with normal files and only care about permission bits, you skip the leading zero.

    2) I've never heard that you can or should mount filesystems with a umask... could very well be wrong tho... Not sure if I understand correctly what you're trying to do, but if you are setting up a normal user, with some administrative rights, I think the wheel group (as per bsd conventions) and the sudo program, along with a correct umask _for the user_ and directory permissions, should do the trick... If you'd care to elaborate on the goals, I might be able to help more.

    3) download and burn knoppix iso (
    Boot with it, mount the root filesystem somewhere, edit /mntpoint/etc/fstab & reboot without knoppix cd.

    LVL 4

    Expert Comment

    1) Ah okay thanks.

    2) Well, if I manually set the umask to 002, files created have the correct permissions; however, after reboot, the umask returns to the default value of 022.

    The scenario is as follows:

    the /usr/interbase/databases directory - owned by root, admin group, has the setguid bit set, permissions 775

    All files in the /usr/interbase/databases directory are owned by root, admin group, with permissions 664

    my new user is a member of the admin group

    I need all new files created in this directory to have 664 permissions... with the default umask of 022, new files are created with 644 permissions

    Does this clarify things at all??

    Thanks for the help!

    LVL 40

    Assisted Solution

    Typically umask=0 in an fstab entry will be accompanied by a user option. That allows an ordinary user to mount a resource and that user, not root, then owns the mounted data.

    To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.

    In this case you'll probably also want to set umask=002 in the shell that starts the database (probably a script in /etc/init.d).
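Added example, not part of any post in this thread: a shell sketch of how a per-process umask turns the mode a program requests into the mode a new file gets, checked against real files created inside a setgid directory like the one described above. It assumes Linux with GNU `stat`; the function names and the temporary directory standing in for /usr/interbase/databases are made up for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes Linux with GNU stat.

# effective_mode REQUESTED UMASK
# The kernel stores REQUESTED with every bit that is set in UMASK cleared.
effective_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# created_mode UMASK
# Create a file under UMASK inside a setgid 2775 directory (a constructed
# stand-in for /usr/interbase/databases) and print the mode it really got.
created_mode() {
    dir=$(mktemp -d) || return 1
    chmod 2775 "$dir"
    # Subshell, so the caller's own umask is left alone.
    ( umask "$1"; : > "$dir/newfile" )
    stat -c '%a' "$dir/newfile"
    rm -rf "$dir"
}

# Programs ask for 666 when creating files and 777 when creating directories.
for mask in 022 002 027; do
    echo "umask $mask: files $(effective_mode 666 "$mask")," \
         "directories $(effective_mode 777 "$mask")," \
         "observed file mode $(created_mode "$mask")"
done
```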

    Author Comment

    >> To have the umask survive a reboot you need to set the umask in the user's login init script (typically ~/.bashrc). I'd recommend against changing it system wide as that may open security holes in other places.


    Alright guys, thanks! :P
    LVL 3

    Expert Comment

    As EinarTh already pointed out - first number in 4-digit umask is for special bits.

    As for the read-only filesystem - the defaults parameter tells mount to use the following parameters: rw, suid, dev, exec, auto, nouser and async. Since you deleted the defaults parameter, you removed the rw parameter as well. That's why your FS is read only.

    Furthermore, you said you try to set umask parameter for your root filesystem. I guess your filesystem is something like ext2/ext3. AFAIK umask parameter is not supported on ext2/ext3 filesystem (check 'man mount'). Check dmesg or /var/log/messages. You'll probably find something like:
    EXT3-fs: Unrecognized mount option umask

    If I'm wrong and umask is supported on ext2/ext3 filesystem, then just re-add defaults to your /etc/fstab entry and you should have no problem!
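Added example, not part of any post in this thread: a pre-reboot check that reads fstab-format lines and reports ext2/ext3 entries carrying a `umask=`, `dmask=` or `fmask=` option, the condition behind the "Unrecognized mount option" message quoted above. It also covers ext4, which goes beyond what the thread mentions; the function names and the sample entries are constructed, not the asker's real file.

```shell
#!/bin/sh
# Added example (not from the thread): static check of fstab mount options.

# lint_fstab: read fstab lines on stdin, print one finding per bad entry.
lint_fstab() {
    n=0
    while read -r dev mnt fstype opts _rest; do
        n=$((n + 1))
        # Skip blank lines and comments.
        case $dev in ''|'#'*) continue ;; esac
        # Only the ext family is checked; vfat and similar accept umask=.
        case $fstype in ext2|ext3|ext4) ;; *) continue ;; esac
        # Wrap the option list in commas so each option can be matched whole.
        case ",$opts," in
            *,umask=*|*,dmask=*|*,fmask=*)
                echo "line $n: $mnt ($fstype) has an unsupported umask-style option in '$opts'"
                ;;
        esac
    done
}

# Constructed sample entries for the demonstration.
sample_fstab() {
    cat <<'EOF'
# constructed sample, not the asker's real file
LABEL=/      /          ext3   umask=0002        1 1
LABEL=/boot  /boot      ext3   defaults          1 2
/dev/sda5    /mnt/usb   vfat   user,umask=0      0 0
/dev/sda6    /data      ext3   rw,umask=002      0 0
EOF
}

sample_fstab | lint_fstab
```

To check a real system, run `lint_fstab < /etc/fstab` before rebooting.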
