Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 735
  • Last Modified:

default permissions assigned by cp command in Unix

Hi,

What is the default permissions mask when using the cp command in Unix?  it appears to be 644.  I would like to have it be 770.  Umask won't help in this instance as it only takes away permissions, it doesn't add them, apparently?  Is there another way to get that done w/o having to chmod every copied file?

Thanks!

--Ben
0
Ben Conner
Asked:
Ben Conner
  • 7
  • 3
  • 2
2 Solutions
 
Rok BrnotCommented:
cp -p will preserve permissions, so if original permissions are 770...
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
Ah.  That explains a lot. :)  What about when creating a file from scratch?

--Ben
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
If I wasn't using the -p argument, what would cp do?  This was in a script I had run.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Rok BrnotCommented:
In the absence of this option (-p), the permissions of existing destination files are unchanged, while each new file is created with the mode bits of the corresponding source file, minus the bits set in the umask and minus the set-user-ID and set-group-ID bits.
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
Ah.  So there are default permissions masks associated with individual userids and groups?  That is probably what the root cause of this is, then.  Is there a non-su command available to change that default?
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
The directory you are copying into probably has rw-r--r-- (644) security set. Files created (cp without -p) in there will have those as well. Changing that directory to rwxrwx--- will give you your default of 770 (again without umask).
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
Hm.  Just checked and all the target folders had 770 assigned.  Is there a default security setting assigned when an account is set up?  Never been an admin so I wouldn't know.  They don't give me sharp objects.

--Ben
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
That would be the umask. Can you check umask? Just type umask to display the current.
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
Hi Gerwin,

Thanks, will look at that when I get in to work in a little while.  I guess though I was trying to confirm that while setting up a userid for the first time, there is a spot where the admin sets this for that account as a default?

--Ben
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
Yes, it is set at /etc/profile for example on RHEL:

# By default, we want umask to get set. This sets it for login shell
# Current threshold for system reserved uid/gids is 200
# You could check uidgid reservation validity in
# /usr/share/doc/setup-*/uidgid file
if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
else
    umask 022
fi
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
That nails it.  So my assumption is if an admin can create it, they can modify it.  That would save us a lot of hassle.

Thanks much!!

--Ben
0
 
Ben ConnerCTO, SAS developerAuthor Commented:
Excellent insight on an area that isn't very well documented in common references.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 7
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now