All new files should have chmod = 774

User A has read+write access on Directory owned by user B.
In .profile of user A i have set umask=003 so that all files that user A creates(future) in that directory get created as 774 but it is not working and files are being created as 664.

Can someone please advise on how can all files created (in future) by user A can have 774?
Thanks
LVL 1
oracopAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Maciej SConnect With a Mentor sysadminCommented:
You can't achieve this (setting execute permission for files with umask).
If you are creating file, umask value is subtracted from 666, not 777.
0
 
omarfaridConnect With a Mentor Commented:
this depends on the command / tool used to create files. It will set files perms while creating them. you can not do much here.
0
 
TintinConnect With a Mentor Commented:
You need to have some process that changes the permissions after the files have been created as you can't control this with the umask.
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
omarfaridConnect With a Mentor Commented:
maybe a crontab job that runs every say 5 min that change perms
0
 
tkutherConnect With a Mentor Commented:
I'd use inotifywait from the inotify-tools package and write a small script that just keeps running all the time
#!/bin/bash
 
WATCHED_DIRS="/tmp/aaa /tmp/bbb"
 
for dir in ${WATCHED_DIRS}; do
        if [[ ! -d "${dir}" ]]; then
                echo "Error: ${dir} does not exist"; exit 1
        fi
done
 
while true; do
        EVENT="`inotifywait -q -r -e create ${WATCHED_DIRS}`"
        DIR="`echo ${EVENT}|awk -F' CREATE ' '{print $1}'`"
        FILE="`echo ${EVENT}|awk -F' CREATE ' '{print $2}'`"
 
        if [[ ! -f "${DIR}${FILE}" ]] || [[ -x "${DIR}${FILE}" ]]; then
                continue
        fi
 
        chmod 774 ${DIR}${FILE}
done

Open in new window

0
 
tkutherConnect With a Mentor Commented:
...if inotify is available at all on the system. I should have thought of that first. Above works on Linux.

On Solaris it could be done with BSM Audit and parsing its logs maybe.
0
 
docbertConnect With a Mentor Commented:
umask is a "mask" in that it is used to remove permissions when creating a file.  What's going to cause you difficulty is that two things are used when creating a new file - the first is the permissions that the program creating the file asks for, and the second is the umask.

ie, if the program creating the file asks for the permissions "777" and the umask is 003, then the resulting permissions will be 774.  However if the program asks for "644" and the umask is 003, then you're going to end up with 644 - none of the bits you've asked to be cleared are set, and thus it doesn't change the result.  Normally this isn't a problem as you wouldn't want execute permissions on a file anyway - or if you did, the program creating the file will normally explicitly ask for execute permission (eg, by setting the default permissions to 777)

umask can not be used to add bits to the permissions the original program sets.  This leaves you with 2 options.

The first is as has been suggested above - something that reactively changes the permissions.  This is ugly, but might be your only choice. You could do this with a cron job and the "find" command using the -perms options to look for files that don't match your desired permissions.

The second options it to change whatever is creating the file.  Some software (eg, Samba) has config options that allow you to set the default permissions for a file.  Set that to 777, and then with your umask or 003 the end result will be 774 as desired.  Alternatively if you've got the source you can change the default permissions in that - look for it using the "open" system call, and change the permissions it's passing.
0
 
oracopAuthor Commented:
Please close the question and refund the points.... Am not able to get Solution specific to problem.
Thanks all for your feedback.

regards.
0
 
TintinCommented:
Sometimes a non-solution can be a solution.  Not every problem is solvable.

0
 
TintinCommented:
I'd split the points between oklit, omarfarid, tintin, tkuther and docbert.

Reason being that an explanation was given why the solution wasn't possible using umask, but some alternative workarounds were given.

If the workarounds weren't suitable, then the questioner should have followed up with some feedback.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.