Problem setting umask and default file permissions on ubuntu 7.04 server with xfs

a2brute · 05-20-2008, 07:51 PM

Here is a puzzler....

I have an Ubuntu 7.04 server being used for data collection. It's root file system is an xfs partition. It has a single directory in which all programmers store and share projects. We also have about 140 workstations where many employees need to be able to access and edit the data in this specific directory. Thus, I am trying to set the default file permissions for all files created in this directory to 666. Currently all user created files in the directory have permissions of 664.

I have activated the "sticky bit" on the target directory using:
"chmod 3777 <directory name>"

Given that this server has almost no other use or purpose, I have tried setting the umask to 000 in the global .profile and csh.cshrc files under /etc. However, this appears to have no effect. All files created by users in the directory still have permissions 664.

I even tried removing the sticky bit from the target directory, and running "umask 000" from the command line before touching a test file. It was still created with permissions of 664.

I have confirmed there is no access control list installed on the server.

I am completely baffled as to how and why the default file permissions of 664 are being applied. If anyone has any ideas on how I could track down and override this default file permission, any help would be greatly appreciated.

jschiwal · 05-22-2008, 04:57 AM

The "x" bit needs to be set for directories to be able to access files inside or cd into it.
Change the permissions to 777. The sticky bit is correct.
sudo chmod ugo=rwxt <directory>

You had also used sgid on the directory. That will cause files created there to inherit the gid of the directory. Is that what you want to do?

The sticky bit as you know protects a file from deletion when another user has write access to the directory. However to fully protect a file from being zeroed or altered by a non-owner, the person who creates the file needs to clear the group and other write bit. If a users umask value is 0022, then that is how the file will be created.

You might be a bit confused what 0664 permissions on a file in the directory means. Creating or deleting a file removes an entry from the directory, which from the kernel's point of view is just a file. So it is the permissions of the directory that determines whether you can create a file in that directory. When I change my umask value to 000 and touch a file in /tmp/, it is created with 666 permissions. The /tmp directory has rwx permissions for everyone and the sticky bit set, the same as the permissions as the directory you want.