[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1119
  • Last Modified:

how to set umask higher than default 666 for files

Is it possible to set file permission greater than the default 666 to 755 upon creation of new files and how would I make it permanent using umask. This is for a individual user with a bash shell login.
0
FranHill
Asked:
FranHill
  • 5
  • 5
  • 4
  • +3
2 Solutions
 
TintinCommented:
Short answer is that you can't do it with umask.
0
 
97WideGlideCommented:
If I understand the question, I respectfully disagree with Tintin.

You can setup umask in /etc/bashrc or /etc/profile file for all users.

Steps :
-----------------------------------------------
Open /etc/profile (global) or ~/.bashrc file
# vi /etc/profile
OR
$ vi ~/.bashrc

Append/modify following line to setup a new umask:
umask 755
0
 
97WideGlideCommented:
Woops,    

umask 0022
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
TintinCommented:
I'll respectfully disagree with 97WideGlide :)  You've misunderstood the question.

Franhill is wanting to know if it is possible to set the umask so that a newly created file will have 755 permissions.  This is not possible with umask.  You need to use chmod to add execute permission after the file is created.

0
 
FranHillAuthor Commented:
Tintin

You are on the right track. So are you saying since it is a unix standard to have files created as 666 then it is not possible use the umask command to set defaults to a higher value ie 755. And that the user must chmod the file manually?
0
 
97WideGlideCommented:
That is what I thought he meant.

The default umask value can be set in /etc/profile, or individually, in user's home directory, right ?

I'm pretty sure I've done it.
0
 
TintinCommented:
Correct Fran.
0
 
TintinCommented:
Just to explain a little further.  Directories have a base permission of 777 and files have a base permission of 666.  The umask operates against the base permission, so even if your umask is 000, the highest perms you can have on a file is the base permission, ie: 666
0
 
97WideGlideCommented:
Ok, I C what you R saying.  But that is a completely different question ( i think ).  

umask can be set to anything you want in the startup files but,  

if the OP wants to set the executable bit on all created files, then the answer to the OPs question is not, "you can't do that" it's, "under what circumstances would you want to?".
0
 
FranHillAuthor Commented:
vi filechg2
"filechg2" 4 lines, 62 characters
#!/bin/csh
foreach i(`ls`)
chmod 755 $i

I could script this but how would  I eliminate any directories in the ls output?
and should I put it .bash_profile or .bashrc ?

0
 
TintinCommented:
If you are talking about single directory, then just do

chmod +x *

assuming you don't unusual permissions on directories.
0
 
97WideGlideCommented:
To change file mode use :

find <yourdirectory> -type f -exec chmod 755 '{}' \;

man find     -- For help
0
 
NopiusCommented:
Hello, FranHill.

I mostly agree with Tintin, but not absolutly. On Solaris it is possible to inherit default permissions from the above directory with 'acl' enabled, but no more than 0666, yes he is right. This is so, because all POSIX tools use '0666' mode when creating files.


With Solaris 10 we also can intervent creat64() syscall with dtrace (this is definitly NOT the right way) and change mode argument to 777 and use any 'umask' we want to restrict real file creation bits.

This is a kind of workaround:
1) As root create a file 'chmod.d' (change 1234 to the UID of the user that need 'modified' default access rights):

#!/usr/sbin/dtrace -Cs
#pragma D option destructive

syscall::creat64:entry
/$uid == 1234/
{
  self->filename=arg0;
}

syscall::creat64:return
/$uid == 1234/
{
  system("chmod 755 %s", copyintr(self->filename));
}

2) run dtrace script (you may do it in background or upon system startup):
chmod +x chmod.d
./chmod.d

3) Now try to login as user with id 1234 and create any file...

This IS a hack and ONLY for Solaris 10.
0
 
omarfaridCommented:
I agree with Tintin and Nopius, but I would say it is the application / command / tool that creates the file which sets the file permissions and umask will moderate it. e.g. if you have umask set to 022 and you compile a program (e.g. c program with cc or gcc) then the compiler set permissions to 777 and because of the umask it is set to 755. On the other hand, vi editor set permissions to 666 which umask set it to 644
0
 
Brian UtterbackPrinciple Software EngineerCommented:
Getting back to the unanswered question, why would you want to set the execute bit on non-executable files?
0
 
FranHillAuthor Commented:
blu

It's a request from the client. Not saying setting every file to 755 is a good idea.
I just wanted to know if it was possible to do with umask which I didn't think it was
but justed wanted to be absolutley sure. So I turned to the experts!
0
 
NopiusCommented:
> I just wanted to know if it was possible to do with umask

It is possible ONLY when application, that creates file uses 0777 mode! You cannot have more access bits then creating application assigns to the file, but you can restrict them with umask...

So in most cases - no, it is not :-)

0
 
FranHillAuthor Commented:
Thanks Tintin and Nopius
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 5
  • 5
  • 4
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now