1. Introduction to umask
In the Linux system, when we create a new file or directory, these new files or directories will have default access permissions. The umask command is related to the default access permissions of files and directories. If a user creates a file, the default access permission for the file is -rw-rw-rw- , the default permission for creating a directory is drwxrwxrwx , and the umask value indicates which permissions need to be removed from the default permissions to become the final default permission value.
Second, the meaning of the umask value
You can use the command umask to view the umask value
hadoop@sench-pc:~$ umask 0002
It can be seen that the umask value is 0002, the first 0 is related to special permissions, you can ignore it for the time being, the last three 002 are related to ordinary permissions (rwx), and the first 0 in 002 is related to user (user) permissions , which means that 0 is subtracted from the user permission, that is, the permission of the creator of the file is the default permission (rw), and the second 0 is related to the group permission (group), which means that the permission of the group is reduced by 0, so the permission of the group is also maintained. The default permission (rw), the last 2 is related to the permissions of other users (others) in the system. Since w=2, it is necessary to subtract 2 from the default permissions (rw) of other users, that is, to remove the write (w) permission. , the permissions for others are rw - w = r, then the final default permissions for creating files are -rw-rw-r-- . Similarly, the default permission of the directory is drwxrwxrwx , then d rwx rwx rwx - 002 = (d rwx rwx rwx) - (- --- --- -w-) = d rwx rwx rx, so the user creates the default access to the directory The permissions are drwxrwxr-x . Let's verify it with the following example:
hadoop@sench-pc:~$ umask 0002 hadoop@sench-pc:~$ touch test.txt hadoop@sench-pc:~$ ls -l test.txt -rw-rw-r-- 1 hadoop hadoop 0 4月 24 20:31 test.txt hadoop@sench-pc:~$ mkdir test hadoop@sench-pc:~$ ls -al test total usage 8 drwxrwxr -x 2 hadoop hadoop 4096 Apr 24 20:32 . drwxr-xr-x 52 hadoop hadoop 4096 4月 24 20:32 ..
You can see that the permission of the file test.txt is -rw-rw-r-- , and the permission of the directory test is drwxrwxr-x ( . represents the current directory, which is the attribute of the test directory).
The umask command displays the numeric value of the umask, and you can also use the command umask -S to display the symbolic value of the umask:
hadoop@sench-pc:~$ umask -S
u = rwx, g = rwx, o = rx
It can be seen that (rwx rwx rwx) - (rwx rwx rx) = (--- --- -w-) = 002 .
3. Change the umask value
You can change the umask value by commanding the umask value. For example, if I want to change the umask value to 027, use the command umask 027 . After changing to 027, the user permission remains unchanged, the group permission is reduced by 2, that is, the write (w) permission is removed, and the other users are reduced by 7, that is, the read-write execution permission (rwx) is removed, so other users have no access rights.
hadoop@sench-pc:~$ umask 027 hadoop@sench-pc:~$ umask 0027 hadoop@sench-pc:~$ touch test.txt hadoop@sench-pc:~$ ls -l test.txt -rw-r----- 1 hadoop hadoop 0 4月 24 20:49 test.txt hadoop@sench-pc:~$ mkdir test hadoop@sench-pc:~$ ls -al test total usage 8 drwxr -x --- 2 hadoop hadoop 4096 Apr 24 20:49 . drwxr-xr-x 52 hadoop hadoop 4096 4月 24 20:49 ..
You can see that the default access permission of the file has become -rw-r----- , and the default access permission of the directory test has become drwxr-x--- . This method does not permanently change the umask value, but only changes the umask value of the current session. Open a new terminal and enter the umask command. You can see that the umask value is still the default 002. To permanently change the umask value, you can modify the file /etc/bashrc and add a line of umask 027 to the file .
4. Summary
When we want to change the default access permissions when creating files and directories, we can do it through the umask command.