The umask command controls the default permissions assigned to the file during file creation. It uses the octal notation to delete a bitmask from the file mode attribute.
Introduction
The umask command controls the default permissions assigned to the file during file creation. It uses octal notation to delete a bitmask from the file mode attribute.
============================================
Umask
Umask is a system variable used to set a mask for file access permissions when a file is created.
Run the umask command to modify the value of this variable. It is a value consisting of three octal arrays. Each number is an OR operation result of octal 1, 2, and 4.
First Digit
0: allow any permissions of the file owner
4: prohibit the read permission of the user to which the file belongs
2: write permission of the user to which the file belongs
1: The execution permission of the user to which the file belongs
Second digit
0: allow any permissions on the group to which the file belongs
4: prohibit the read permission of the group to which the file belongs
2: write permission of the group to which the file belongs
1: The execution permission of the group to which the file belongs
Third digit
0: allow any permissions of other users
4: the read permission of other users is forbidden.
2: write permissions of other users are forbidden.
1: The execution permission of other users is forbidden.
Instance
If you want to disable the write and execution permissions of a group, you must also disable the write permissions of other users.
The first digit is 0, the second digit is 2, 1, and the third digit is 2.
The final value of each number is OR, so the value of the second number is 2 | 1 = 3
Effect
When you use open to create a file, the Mode permission will be compared with umask. if it is disabled in Umask, it will be removed from the mode.
============================================
View and set the permission mask
[Root @ allyes/] # umask
0000
You have new mail in/var/spool/mail/root
[Root @ allyes/] # umask 022
[Root @ allyes/] # umask
0022
[Root @ allyes/] #