Set the default permissions for newly created files

By default, when you create a file as a regular user, it’s given the permissions of rw-rw-r–. You can use the umask (stands for user mask) command to determine the default permissions for newly created files.

The umask is the value that is subtracted from the 666 (rw-rw-rw-) permissions when creating new files, or from 777 (rwxrwxrwx) when creating new directories. For example, if the default umask is 002, new files will be created with the 664 (rw-rw-r–) permissions, and new directories with the 775 (rwxrwxr-x) permissions.

To dispay the current value of umask, run the umask command without any options:

To temporarily change your umask value, run the umask VALUE command. This changes the umask value only for the current shell:

In the picture above you can see that we have changed the umask value to 044. Remember the numbers representing the permissions: r=4, w=2 and x=1. The umask of 044 means that the permissions for the newly created files will be rw- -w- -w- or 622 (because 044 subtracted from 666 gives 622). The permissions for the newly created directories will be rwx -wx -wx or 733 (because 044 subtracted from 777 gives 733).

To change the default umask value permanently for a specific user, you need to modify the .bashrc file in the user’s home directory. For example, to change the default umask for user bob, just add the following line at the end of the /home/bob/.bashrc file:

Reopen the shell. The default umask value is now 044:

To change the default umask value permanently for all users, you can use the following command:

pam-config -a –umask –umask-umask=VALUE

Replace the last three numbers with the umask of your choice. The change will be made the next time you log in to the system. Note that the umask definition in the .bashrc file will override the system umask.