umask defines default permissions for newly created files and directories by specifying which permissions to remove.
# View current umask
umask
umask -S # Symbolic display
# Common umask values:
# 022 = removes write for group/others (default for most systems)
# 002 = removes write for others only
# 077 = removes all permissions for group/others
# Default permissions without umask:
# Files: 666 (rw-rw-rw-)
# Directories: 777 (rwxrwxrwx)
# With umask 022:
# Files: 666 - 022 = 644 (rw-r--r--)
# Directories: 777 - 022 = 755 (rwxr-xr-x)
# Test umask effects:
umask 022
touch test_file
mkdir test_dir
ls -la test_file test_dir
# Set umask for current session
umask 022 # Standard umask
umask 002 # Group-friendly umask
umask 077 # Paranoid umask
# Set permanently in shell configuration
echo "umask 022" >> ~/.bashrc
# Set system-wide default
echo "umask 022" >> /etc/profile
# Secure environment (personal use)
umask 077 # Only owner has access to new files
# Collaborative environment
umask 002 # Group can read/write, others can read
# Web development
umask 022 # Standard permissions for web files
# Shared development server
umask 002
# Combined with SGID directories for automatic group inheritance
Next: → The Find Command Advanced File Search
Previous: ← Special Permission Bits
Lesson Home: ↑ Lesson 10: Permissions
Course Home: ⌂ Introduction to Linux