Linux system file default permissions detailed

file default permissions: umask

Do you know what is the default property when creating a new file or directory? Then it is related to umask. So, what is umask? Basically, umask is the default value of the attribute when the current user creates a file or directory. So, how do you know or set the umask? It specifies the condition in the following way:

[root@linux ~]# umask0022[root@linux ~]# umask -Su=rwx,g=rx, o=rx

There are two ways to view. One is to directly input umask, you can see the number setting permission of the numeric type, and the other is to add the -S (Symbolic) parameter, which will be in the form of symbol type. Display permissions. The strange thing is, how does umask have 4 sets of numbers? Isn't there only 3 groups? That's right. The first group is for special permissions. Let's ignore it first, so look at the next three groups.

On the properties of the default permissions, the directory is not the same as the file. Since we don't want files to have executable power, by default, files have no executable (x) permissions. Therefore:

• If the user is created as ”file” the default is "no executable (x) project", that is, only rw these two items, that is, the maximum is 666 points, the default attribute As follows:

-rw-rw-rw-

• If the user is created as “directory", since x is related to whether or not it can enter this directory, the default is all permissions. Open, which is 777 points, the default attributes are as follows:

drwxrwxrwx

The umask specifies the "default value to be deducted permission". Because r, w, and x are 4, 2, and 1, respectively. In other words, when you want to remove the permission to write, you enter 2, and if you want to remove the read permission, that is, 4, then you must remove the read and write permissions, which is 6, and remove the execution and write. Permissions, which is 3. Excuse me, what is 5? It is the right to read and execute. If the above example is used, since the umask is 022, the user is not removed from the attribute, but the attributes of group and others are removed by 2 (that is, the attribute of w), then when the user:

• When creating a file: (-rw-rw-rw-) – (-----w--w-) ==> -rw-r--r--

• When creating the directory: (drwxrwxrwx) – (d----w--w-) ==> drwxr-xr-x

Let's test it.

[root@linux ~]# umask0022[root@linux ~]# touch test1[root@linux ~]# mkdir test2[root@linux ~]# ll -rw-r--r-- 1 Root root 0 Jul 20 00:36 test1drwxr-xr-x 2 root root 4096 Jul 20 00:36 test2

See it? There is nothing wrong with determining the attribute. If you want to let the user with the user group also access the file? That is, if dmtsai is the user user group, and the file made by dmtsai wants to allow users to access the user group, this is also Permission issues that are often considered when team development plans. In this case, umask can't cancel the group's w permission. That is, we want the file to be created as -rw-rw-r--, so umask should be 002 (just remove others) W permission). How to set umask? Simple, enter 002 directly after umask.

[root@linux ~]# umask 002[root@linux ~]# touch test3[root@linux ~]# mkdir test4[root@linux ~]# ll -rw-rw-r-- 1 Root root 0 Jul 20 00:41 test3drwxrwxr-x 2 root root 4096 Jul 20 00:41 test4

So, this umask is very relevant for the default permissions of files and directories. This concept can be used on any server, especially in the future when setting up a file server, such as a SAMBA server or an FTP server. This involves the question of whether the user can take further advantage of the file. Don't wait for it.

Example 4: Assuming umask is 003, what is the file and directory permissions created using this umask?

A:

umask is 003, so the attributes are removed. Is --------wx, so:

file:(-rw-rw-rw-) - (--------wx) = -rw-rw-r- -

Directory: (drwxrwxrwx) - (--------wx) = drwxrwxr--

Hint: Textbooks like binary in the way umask and permissions are calculated To perform AND and NOT calculations, however, I prefer to use the symbolic method to calculate, Lenovo is easier. However, some books or BBS, some people like to use the file default attribute 666 and the directory default attribute 777 to perform subtraction calculations with umask. this is not good. As shown in example 4, if the default attribute is added or subtracted, the file becomes: 666-003=663, which is -rw-rw--wx, which is completely wrong. Think about it, the original file has removed the default attribute of x, how could it suddenly pop up? So, this place should be very careful