4. Umask

Every file that gets created comes with a default set of permissions. If you ever want to change that default set of permissions, you can do so with the umask command. This command uses the 3-bit permission set we see in numerical permissions.

Instead of adding these permissions, however, umask takes away these permissions.

umask 021

In the above example, we are stating that we want the default permissions of new files to allow users access to everything, but for groups, we want to take away their write permission, and for others, we want to take away their executable permission. The default umask on most distributions is 022, meaning full user access, but no write access for group and other users.

When you run the umask command, it will apply that default set of permissions to any new file you create. However, if you want it to persist, you'll have to modify your startup file (.profile), but we'll discuss that in a later lesson.

Exercises

Practice makes perfect! Here are some hands-on labs to reinforce your understanding of file permissions and how they relate to default settings:

Linux User Group and File Permissions - Practice creating and managing users, exploring group memberships, understanding file permissions, and manipulating file ownership. This lab provides practical experience in securing a multi-user Linux environment, which is crucial for understanding how umask influences new file permissions.

This lab will help you apply the concepts of file permissions in real scenarios and build confidence with managing access in Linux.

4. Umask

Exercises

Quiz

What command is used to change default file permissions?