What is umask in UNIX?

I used to be ignorant when I used FTP. Files cannot be uploaded due to FTP upload problems recently. After checking a lot of information, I finally figured it out.
To know what umask is, you must first understand how UNIX permissions are designed. Understanding this provides a good reference for the permission design of our business systems.

I. UNIX Permissions

The Uinx privilege Design
Some colleagues once asked me how to implement permission control using binary. I once replied that it seems that the other party is not very clear. Here is a summary.

Unix has three types of group design permissions:
1. owner permission
2. Group Permissions
3. Public Permissions

Unix has a group of concepts, and I think the design is good. You can refer to this design mode for web system design.

The above three permissions of a file (or directory) can be displayed through a very simple expression. For example:

Rwxr-XR-x

It only contains 9 characters, each of which is a group (rwx R-x r-x), indicating the owner permission, group permission, and public permission respectively. In each group, R, W, and X indicate the read, write, and execute permissions of the file in the user group (-indicates no permission ).

The character operation speed is far slower than the number. To express this expression, the designer uses binary to represent it. Because binary has only two States: 0 and 1, it can represent two features of mutual exclusion: "yes" and "no", "on" and "off. (0 and 1 are used to represent the values of Boolean objects in javascrit)

We know that the smallest unit of data in a computer is bit, and the Chinese name is bit. I used to call it bit ". The 8-bit form a "byte", that is, "byte ". The 1024 "bytes" is a K "Byte", which is usually written as "kb ". Therefore, there are the following expressions:
1 byte =
8bit
1kb = 1024 bytes
= 8 * 1024bit
1 MB = 1024kb

In the computer, how does one represent a character?

If I don't know the character encoding, I will do this: list all the characters and use serial numbers to represent, 1 to represent a, 2 to represent B, and so on ...... then convert the sequence number into a computer-identifiable binary. It seems yes. But the world is in disorder. Therefore, the character encoding function is to specify the ing between the "bit" and the character of a computer.

Different character encodings use different bit widths. The standard ASCII character encoding specifies that one character occupies 8 "bits", that is, one byte.

If the permission expression "rwxr-XR-X" is stored as a character, 9*8 bit = 72 bit is required.

This kind of design is of course irrelevant in today's hard drive era, but you need to know when Unix was born, and the storage price at that time can be said to be a high price, it also creates an artistic design.

1. For a group object, there are three operations: Read R, write W, and execute X.
2. Each operation is represented by a "bit". 1 indicates that the operation has the permission, and 0 indicates that the operation does not have the permission.

Therefore:
--- = 000 = 0
-- X = 001 = 1
-W-= 010 = 2
-WX = 011 = 3
R -- = 100 = 4
R-x = 101 = 5
RW-= 110 = 6
Rwx = 111 = 7

Originally, this is to make full use of the "minimum unit ". The philosophy is "how to use a number to represent multiple options ".

At this point, the permissions of a group can be represented by numbers.

The following content is displayed after the "ls-L" command is used in aix6.1:
Drwxr-XR-x 5 root system 256 Jul 11 WEB-INF
-RW-r -- 1 root system 1392 Jul 11 index. jsp

1. There is a "d" or "-" in front of column 1st. "D" indicates that this is a directory, and "-" indicates that it is not a directory. The last nine digits are the permission expression.
2. Columns 2nd indicate the number of hard links of files.
3. The "root" column in the 3rd column indicates the owner of the file. By default, it is the creator of the file (you can also modify the owner through chown ).
4. The "system" column in the 4th column indicates the group of the file. By default, the file is the group where the creator is located (you can also modify the Group through chgrp ).
5. Columns 5th indicate the size of the file in bytes.
6. Column 6th indicates the creation time.
7. The first column is the file (or directory) Name.

Ii. umask meaning

Umask indicates the mask of the file permission. It "removes" the corresponding "bit" (that is, bit) from the permission, and the execution permission cannot be granted to the file during creation.
Can go to Baidu encyclopedia to learn more information: http://baike.baidu.com/view/1867757.htm

You can enter a command to query the umask value of the current system:
# Umask
022
#

This means that I have no write (-w-= 010) permission except for me (group members and others. In fact, it is the "reverse" of the "bit ".

The benefit of this design is that there is a mask to help you initialize the default permissions when creating a file, so you do not need to specify the permissions for this file every time.
"022" is also the default mask value for UNIX systems.

When creating a file (or directory), the permission for the newly created file (or directory) is "755 ".

Iii. Role of umask value in FTP

In Aix, you can modify the ftp line in the file "/etc/inetd. conf:
Ftp stream tcp6 Nowait root/usr/sbin/ftpd

Modify this row:
Ftp stream tcp6 Nowait root/usr/sbin/ftpd-u xxx
"XXX" indicates the mask value.

It is used to initialize the default permissions for files uploaded by FTP.

For example:
Ftp stream tcp6 Nowait root/usr/sbin/ftpd-u 022

The default permission for files uploaded by FTP is "755", that is, others do not grant the "write" permission.

(End ).