umask

From Wikipedia, the free encyclopedia
Jump to: navigation, search

In computing, umask is a command that determines the settings of a mask that controls which file permissions are set for files and directories when they are created. It also refers to a function that sets the mask, and to the mask itself, which is formally known as the file mode creation mask.

In UNIX, each file and directory has sets of attributes which control who is permitted access (aka modes). When a file or directory is created the permissions to be set are specified. The mask restricts which permissions are allowed. If the mask bit is set to "1", the corresponding permission will be disabled. For a bit set to "0", the corresponding permission will be determined by the program and the system. In other words, the mask acts as a last-stage filter that strips away permissions as a file or directory is created where the bit that is set to a "1". Since the permissions are categorized by owner, group and other "the mask" helps with defaulting access. The modes can be changed using chmod.

Each program (technically called a process) has its own mask, which is applied whenever that process creates a new file. Each process is able to change the settings of its own mask using a function call. When the process is a shell, the mask is set with the umask command. When a shell, or any other process, launches a new process, the child process inherits the mask from its parent process. The mask does not work retroactively, that is, changes made to the mask only affect new files created after the changes are made. Generally, the mask only affects file permissions during the creation of new files and has no effect when file permissions are changed in existing files, however, in some specific cases it can help determine permissions when file permissions are changed in existing files using the chmod command.

The mask is always stored as a group of bits. It may be displayed in binary, octal, or symbolic notation. Usually, it is represented in octal notation (e.g., 0754) or symbolic notation (e.g., u=rwx,g=rx,o=r) (see symbolic notation below for details). The umask command uses the same octal and symbolic notation as the chmod command.

The umask command is used with Unix-like operating systems and the umask function is defined in the POSIX.1 specification.

History[edit]

The mask, the umask command, and the umask function were not part of the original implementation of UNIX. The operating system evolved in a relatively small computer center environment where security was not an issue.

Unix eventually grew to serve hundreds of users from different organizations. At first, developers made creation modes for key files more restrictive, especially for cases of actual security breaches, but this was not a generally (or universally) workable solution.

The mask and the umask command were introduced around 1978 between the sixth edition and the eighth edition of the operating system, so it could allow sites, groups, and individuals to choose their own defaults.[1] The mask has since been implemented in most, if not all, of the contemporary implementations of UNIX-like (POSIX) operating systems. Typically for operating systems that don't support umask there is a toolkit that is available that has the command.

Shell command[edit]

In a shell, the mask is set by using the umask command. The syntax of the command is:[2]

umask [-S ] [maskdefinition]

(the items within the [brackets] are optional)

Displaying the current mask[edit]

If the umask command is invoked without any arguments, it will display the current mask. The output will be in either octal or symbolic notation depending on the operating system used,[3] however, invoking umask with the -S argument (i.e., umask -S) will force it to display the current mask in symbolic notation. For example:

$ umask
0022
$ umask -S
u=rwx,g=rx,o=rx

Setting the mask using octal notation[edit]

If the umask command is invoked with an octal argument, it will directly set the bits of the mask to that argument:

$ umask          # display current value
0022
$ umask 0077     #set to prevent files from being created with any access by group members or others
$ umask          #display confirms new setting
0077
$ umask -S       # display symbolically
u=rwx,g=,o=

If fewer than 4 digits are entered, leading zeros are assumed. An error will result if the argument is not a valid octal number (or symbolic argument — see below) or if it has more than 4 digits.[4]

Octal codes used in the command[edit]

Octal digit in
umask command
Prevents (if requested)
7 read, write and execute
6 read and write
5 read and execute
4 read only
3 write and execute
2 write only
1 execute only
0 no permissions

Setting the mask using symbolic notation[edit]

If the umask command is invoked with an argument using symbolic notation, it will add to, substract from, or directly set the bits of the mask as directed by the [maskdefinition] argument of the umask command. The symbolic notation is composed of permission-symbols, user-class-letters, and operators.

The syntax of the [maskdefinition] in the umask command looks like this:

umask [user-class-letters] operator permission-symbols[,]...

There are no spaces allowed between the arguments. The only space is between the umask command itself and the arguments.

The permission-symbols indicate which file permission settings are to be allowed or prohibited by the mask when files are subsequently created. There are three basic file permission modes which correspond to the basic permissions. They are r (read), w (write), and x (execute). The more esoteric symbols are X (special execute), s (setuid/guid), t (sticky bit). (See File permissions for more details.)

Symbol Name Description
r read read a file or list a directory's contents
w write write to (or delete) a file or directory
x execute execute a file or recurse a directory tree
X special execute which is not a permission in itself but rather can be used instead of x. It allows the application of execute permissions to directories regardless of their current permissions and allows the application of execute permissions to a file which already has at least 1 execute permission bit already set (either user, group or other). It is only really useful when used with '+' d
s setuid/gid See File permissions for details.
t sticky See File permissions for details.

The permissions of a file are applied to three different classes of users: the user (the file's owner), the group, and others. (See File permissions for details.) Those user classes are represented by one or more of the following letters:

Letter Class Description
u user the owner of the file
g group users who are members of the file's group
o others users who are not the owner of the file or members of the group
a all all three of the above, it is the same as ugo. (This is the default if no class is specified in the umask command.)

The umask command uses an operator to specify how the permission modes of the mask should be adjusted. The following operators are accepted:

Operator How the mask works after the command in issued
+ During file creation, the mask will allow the specified file permissions to be enabled for the specified user classes; (permissions that are not specified are unchanged in the mask)
- During file creation, the mask will prohibit the specified file permissions from being enabled for the specified user classes; (permissions that are not specified are unchanged in the mask)
= During file creation, the mask will allow the specified file permissions to be enabled for the specified user classes; permissions not specified will be prohibited by the mask during file creation

For example:

umask u+w

This would set the mask so that it would, when files are subsequently created, allow write permission to be enabled for the user (file owner). The rest of the bits in the mask would be unchanged.

Multiple changes can be specified by separating multiple sets of symbolic notation with commas. (Spaces are not allowed within the arguments.) For example:

umask u-x,g=r,o+w

This would set the mask so that it would, when subsequent files are created:

  1. prohibit the execute permission from being set for the file's owner (user), while leaving the rest of the owner bits in the mask unchanged;
  2. allow the read permission to be enabled for the group, while prohibiting write and execute permission for the group;
  3. allow the write permission to be enabled for others, while leaving the rest of the other bits in the mask unchanged.

Command line examples[edit]

Here are more examples of using the umask command.

umask command issued How the mask works after the command is issued
umask a+r allows read permission to be enabled for all user classes; the rest of the mask bits are unchanged
umask a-x prohibits enabling execute permission for all user classes; the rest of the mask bits are unchanged
umask a+rw allows read or write permission to be enabled for all user classes; the rest of the mask bits are unchanged
umask +rwx allows read, write or execute permission to be enabled for all user classes; (Note: On some UNIX platforms, this will restore the mask to a default.)
umask u=rw,go= allow read and write permission to be enabled for the owner, while prohibiting execute permission from being enabled for the owner; prohibit enabling any permissions for the group and others
umask u+w,go-w allow write permission to be enabled for the owner; prohibit write permission from being enabled for the group and others;
umask -S display the current umask in symbolic notation
umask 777 disallow read, write, and execute permission for all
umask 000 allow read, write, and execute permission for all (security risk)
umask 113 allow read or write permission to be enabled for the owner and the group, but not execute permission; allow read permission to be enabled for others, but not write or execute permission
umask 0755 equivalent to u-rwx (4+2+1),go=w (4+1 & 4+1). (The 0 specifies that special modes may be enabled if allowed by the OS.)

Function call[edit]

The mask may be set using a function call. The GNU functions are declared in sys/stat.h. The function is:[5]

mode_t umask (mode_t mask)

The umask function will set the mask of the current process to mask, and return the previous value of the mask.

Here is an example from GNU.org which shows how to read the mask without changing it permanently:

mode_t
read_umask (void) {
    mode_t mask = umask (0);
    umask (mask);
    return mask;
}

However, on GNU/Hurd systems it is better to use the getumask function if reading the mask value is the only requirement, because it is reentrant.

mode_t getumask (void)

Returns the current value of the mask for the current process. (Note: The getumask function is a GNU extension and is only available on GNU/Hurd systems.

Mask effect[edit]

The mask is applied whenever a file is created. If the mask has a bit set to "1", that means the corresponding file permission will always be disabled when files are subsequently created. A bit set to "0" in the mask means that the corresponding permission will be determined by the requesting process and the OS when files are subsequently created. In other words, the mask acts as a last-stage filter that strips away permissions as a file is created; each bit that is set to a "1" strips away that corresponding permission for the file.

Truth table[edit]

Here is the truth table for the masking logic. Each bit in the requesting process' file permission mode is operated on by the mask using this logic to yield the permission mode that is applied to the file as it is created. (p is a bit in the requested file permission mode of a process that is creating a file; q is a bit in the mask; r is the resulting bit in the created file's permission mode)

p q r
T T F
T F T
F T F
F F F

How the mask is applied[edit]

Programmatically, the mask is applied by the OS by first negating (complementing) the mask, and then performing a logical AND with the requested file mode. In the [probably] first UNIX manual to describe its function,[1] the manual says,

"the actual mode... of the newly-created file is the logical and of the given mode and the complement of the argument. Only the low-order 9 bits of the mask (the protection bits) participate. In other words, the mask shows [indicates] the bits to be turned off when files are created."

—UNIX Eighth Edition Manual, Bell Labs UNIX (manual), AT&T Laboratories
How umask (in octal) translates to full (r, w, x) permissions.
Mask digit
(octal)
Mask digit
(binary)
Mask digit
negated (binary)
Logical AND with 
"rwx" request[6] 
0 000 111 rwx
1 001 110 rw-
2 010 101 r-x
3 011 100 r--
4 100 011 -wx
5 101 010 -w-
6 110 001 --x
7 111 000 ---

Logic[edit]

The mask is applied using boolean logic known as material nonimplication or abjunction. It is represented in logic notation as:

C: (P&(~Q))

This says that the file's permission mode (C) is a result of a logical AND operation between the negation of the mask (Q), and the process' requested permission mode setting (P).

Exceptions[edit]

Note: Many operating systems do not allow a file to be created with execute permissions. In these environments, newly created files will always have execute permission disabled for all users.

The mask is generally only applied to functions that create a new file, however, there are exceptions. For example, when using UNIX and GNU versions of chmod to set the permissions of a file, and symbolic notation is used, and no user is specified, then the mask is applied to the requested permissions before they are applied to the file. For example:

$ umask 0000
$ chmod +rwx filename
$ ls -l filename
-rwxrwxrwx filename
$ umask 0022
$ chmod +rwx filename
$ ls -l filename
-rwxr-xr-x filename

Processes[edit]

Each process has its own mask, which is applied whenever the process creates a new file. When a shell, or any other process, spawns a new process, the child process inherits the mask from its parent process.[7] When the process is a shell, the mask is changed by the umask command. As with other processes, any process launched from the shell inherits that shell's mask.

Mount option[edit]

In the Linux kernel, the fat, hfs, hpfs, ntfs, and udf file system drivers support a umask mount option, which controls how the disk information is mapped to permissions. This is not the same as the per-process umask described above, although the permissions are calculated in a similar way. Some of these file system drivers also support separate umasks for files and directories, using mount options such as fmask.

See also[edit]

References[edit]

  1. ^ a b "UNIX 8th Edition Manual, Bell Labs UNIX". Manual. AT&T Laboratories. Retrieved 2013-01-14. 
  2. ^ "AST UNIX MANUAL:umask(1)". Manual. AT&T Laboratories. Retrieved 2013-01-14. 
  3. ^ "umask", The Single UNIX Specification, Version 2: (manual), The Open Group, 1997, retrieved 2013-01-14 
  4. ^ Note: Some programming languages require a prefix symbol in front of octal notation such as the digit 0, or the letters o or q. The umask command does not use this type of prefix notation -- only the octal digits are used.
  5. ^ "14.9.7 Assigning File Permissions", The GNU C Library for glibc 2.17 (manual), Free Software Foundation, Inc., 3 January 2013, retrieved 2013-01-14 
  6. ^ Note: Operating systems usually will also strip off execute permissions on newly created files.
  7. ^ "umask(2)", Linux Programmer's Manual release 3.32 (manual), Linux man-pages project, 9 January 2008, retrieved 2013-01-01