LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 11-30-2003, 05:32 AM   #1
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Where to set default file permissions (umask)?


Hello,
I'm running mandrake 9.1 and KDE. Generally, I like it. But
I notice that when I save a file, the default permissions are:

rw-rw-r--

This means that "others" can read my files by default.
This does not seem to be a sensible default, so I
would like to change the default permissions to:

rw-rw----

But where do I change it?

~/.bashrc points to /etc/bashrc
~/.profile doesn't exist

Putting umask 117 in /etc/bashrc doesn't work.
Putting umask 117 in /etc/profile doesn't work either.

So where is umask being set?

Thanks.
 
Old 11-30-2003, 08:47 AM   #2
saint
Member
 
Registered: Sep 2001
Location: India
Distribution: Red Hat 9
Posts: 55

Rep: Reputation: 15
Put your command in ~/.bash_profile . That should do the trick.

If you put your files in your home directory, no one will be able to read them. So think twice before you do the above step.

HTH
 
Old 11-30-2003, 08:59 AM   #3
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Thanks for the reply.

I tried putting umask 117 in ~/.bash_profile, logging out then in again, and creating a file.
The permissions are still rw-rw-r--. So that didn't do it.

I tried putting umask=117 in ~/.bash_profile, logging out then in again, and creating a file.
The permissions are still rw-rw-r--. So that didn't do it either.

"If you put your files in your home directory, no one will be able to read them." - Unfortunately this is not the case on my system (Mandrake 9.1, default install). My home directory (and everybody else's too) has the permissions rwxr-xr-x, so they are basically "open". And I'd like to try to fix this.

Any other suggestions?

Thanks
 
Old 11-30-2003, 09:45 AM   #4
saint
Member
 
Registered: Sep 2001
Location: India
Distribution: Red Hat 9
Posts: 55

Rep: Reputation: 15
after making the changes, can u exmie the values of umask (by using the command umask -S) it migh be useful
 
Old 11-30-2003, 09:59 AM   #5
saint
Member
 
Registered: Sep 2001
Location: India
Distribution: Red Hat 9
Posts: 55

Rep: Reputation: 15
I think you should see this page http://unix.about.com/library/weekly/aa090400c.htm

It says that
Quote:
The default permissions assigned to a newly created file or directory depend of your system and system administrator. The defaults can be changed with the umask command.

umask permission-list

For example,

1.$ umask a=rx,ug+w

specifies that all users have read and, if relevant, execute permission for newly created files and directories. Additionally, write privileges are granted to the user and group.

2 $ umask a=rwx,g=rx,o=

specifies that the user has all permissions, the groups has read and execute permission and others have no permissions.
And that you should specify your desired permissions in ~/.profile file
 
Old 11-30-2003, 10:01 AM   #6
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Either I have got completely the wrong end of the stick, or this gets weirder:

Here is my .bash_profile:
======================================
# .bash_profile

# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi

# User specific environment and startup programs
umask=0177

touch /home/mike/bashtest

PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
======================================

When I logout and back in again, the file bashtest is created, but with
permissions of rw-rwr--

I cannot explain this.

Any ideas?
 
Old 11-30-2003, 10:13 AM   #7
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
A bit more experimenting:

The syntax in ~/.bash_profile was wrong. It needs to say "umask 177", ie no "=" sign and no leading zero.

The file bashtest is now created with the permissions: rw-------, which is what I wanted. So
this does work, but only temporarily it seems

If I open a shell, (konsole) "touch foo", then foo has permissions rw-r--r-- , and umask has gone back to the default value of 0022

Grrrrrrrrrrrrrrr

Last edited by tredegar; 11-30-2003 at 10:20 AM.
 
Old 11-30-2003, 10:22 AM   #8
saint
Member
 
Registered: Sep 2001
Location: India
Distribution: Red Hat 9
Posts: 55

Rep: Reputation: 15
I tried it on my system, and it worked. Sorry seems more magic is involved than I can fathom
 
Old 11-30-2003, 11:20 AM   #9
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Nearly cracked it:

This was a very useful thread: http://www.linuxchix.org/pipermail/t...er/006119.html

Setting umask to 177 in ~/.bash_profile creates new files with the right permissions (rw-------), but directories with the wrong ones - so I do not have access to new dirs I create. The magic number for umask seems to be 077. Dirs are now created rwx------, which is good.

Konsole(s) opened from KDE revert to a umask of 022, which is annoying. Konsole doesn't seem to read ~/.bash_profile, which is odd.

All I have to do now is some fancy command-line stuff with "find" and "chmod" and whatnot to reset the permissions properly for all those files and directories that I and the other users have so far created.

Many thanks for your help and encouragement.
 
Old 12-06-2003, 10:56 AM   #10
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
The last word ( I hope ) on this tedious subject

To make KDE applications and shells opened from
KDE (eg with konsole), and <CTRL><ALT><F-something> logins save files with the
correct default permissions of rw-------

I had to put umask 077 into
~/.bashrc and
~/.bash_profile
and also put export BASH_ENV=~/.bashrc into /etc/profile

Thanks to tinkster, man bash and google!
 
Old 01-19-2004, 03:37 PM   #11
MadTurki
Member
 
Registered: Nov 2003
Location: Toronto
Distribution: RedHat 9, Mandrake 10, OS X
Posts: 114

Rep: Reputation: 15
Hate to have to crack this baby back open again, but, how would I do this for all users on a system without editing everyone's bashrc and bash_profile files?
 
Old 01-20-2004, 07:40 AM   #12
tredegar
LQ 5k Club
 
Registered: May 2003
Location: London, UK
Distribution: Debian "Jessie"
Posts: 6,033

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
MadTurki, I think you will have to edit all those bashrc and bash_profile files. If there are many users, I expect you can create a script to do this for you, but for just a few, it's probably not worth the effort.

For users that you will create in the future though, take a look in /etc/skel.
 
Old 01-27-2004, 04:40 PM   #13
MadTurki
Member
 
Registered: Nov 2003
Location: Toronto
Distribution: RedHat 9, Mandrake 10, OS X
Posts: 114

Rep: Reputation: 15
So, this is working great for users that telnet or ssh into the server. But the same people using samba are still ending up with the default 755 permissions :S How can I make this effect samba as well?
 
Old 01-27-2004, 06:08 PM   #14
ralvez
Member
 
Registered: Oct 2003
Location: Canada
Distribution: ArchLinux && Slackware 10.1
Posts: 298

Rep: Reputation: 30
have you considered using the Samba configuration file (/etc/samba/smb.conf) to set the creation value for files?
Here is an example:

comment = ITTwo Admins.
available = yes
path = /private
public = yes
guest only = no
browsable = no
writable = yes
valid users = +mgrs
write list = r.alvez,careyann
admin users = r.alvez,careyann
create mask = 0770
directory mask = 2770

Hope this helps.

Rick
 
Old 01-27-2004, 06:10 PM   #15
mikshaw
LQ Addict
 
Registered: Dec 2003
Location: Maine, USA
Distribution: Slackware/SuSE/DSL
Posts: 1,320

Rep: Reputation: 45
You don't need to edit every user's files unless they are specifically setting the umask already. If there is no umask command in their home files, then /etc/profile is used. You can add umask to that to make it systemwide (provided it's not overridden in a user's home directory).

Also, there's no need to add it to both bash files. You can simply source .bashrc from .bash_profile, and make whatever modifications you want to .bashrc:
Code:
if [ -f ~/.bashrc ]; then
    source ~/.bashrc
fi
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Umask and Linux Default Permissions Sandoomaphone Linux - Security 9 08-23-2004 05:48 PM
can you set a default umask for only certain directories? BrianK Linux - General 3 06-14-2004 10:02 PM
default file rights with umask MartinMiller Linux - General 6 10-22-2003 11:04 AM
umask and default file create permissions Rgamboa Linux - Newbie 5 05-20-2003 12:03 PM
Samba default File Permissions Nelleh Linux - Networking 6 06-06-2002 09:09 AM


All times are GMT -5. The time now is 09:49 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration