[RndTbl] How does umask really work?

Sean A. Walberg sean at ertw.com
Thu Feb 10 07:57:42 CST 2005


On Wed, 9 Feb 2005, John Lange wrote:

> So the bottom line is, you can not set a default create mode for files
> to be 755 since the mode is implemented in each individual program.

Not quite.  Each program can specify the mode to create a file with when
it calls open() or creat().  The kernel takes this mode and applies the
umask to get the actual mode.  If the program opened the file with a mode 
of 777 and the umask were 022, you'd get 755 as in my example below.
 
> The best you can do is set modes that can NOT be created by default.

That is the umask, yes.  However there seem to be other things at play 
that turn off additional bits.
 
> IMHO there should be a kernel setting for this (
> /proc/sys/fs/filecreatemode /proc/sys/fs/dircreatemode seems logical).

Interesting idea, but by the time it gets to the kernel, it's really not 
aware if the mode it's getting is a default or something that you put in 
explicitly.  It just takes the number it gets, applies the umask, and 
moves on.

Consider the following program:

#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>

int main(void) {

        int fd;

        fd = open("withmode", O_CREAT, S_IRWXO | S_IRWXG | S_IRWXU);
        close(fd);
        fd = open("withoutmode", O_CREAT);
        close(fd);
}

It opens two files, specifying a 777 mode for the first, and none for the 
second:

[sean at sergeant sean]$ gcc open.c -o open
[sean at sergeant sean]$ umask
0022
[sean at sergeant sean]$ ./open
[sean at sergeant sean]$ ls -l with*mode
-rwxr-xr-x  1 sean users 0 Feb 10 07:48 withmode
-rwxr-xr-x  1 sean users 0 Feb 10 07:48 withoutmode

Interestingly enough, they're both 755!

However if I do a simple "echo > foo", I get a mode of 644.

[sean at sergeant sean]$ strace bash -c "echo > foo" 
[sean at sergeant tmp]$ ls -l foo
-rw-r--r--  1 sean users 1 Feb 10 07:53 foo

Looking at the output of strace...

open("foo", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 3

Meaning bash explicitly opened the file with a mode of 666, which after my 
umask of 022 was applied, resulted in a file mode of 644.

So, to summarize:

- umask works more or less like you thought it did
- the reason the file was -x was because whatever application opened the 
file wanted it that way, it had nothing to do with the umask

Sean


> On Wed, 2005-02-09 at 21:14, Sean A. Walberg wrote:
> > From the umask(2) man page: 
> > 
> > The umask is used by open(2)  to set initial file permissions on a
> > newly-created file.  Specifically, permissions in the umask are turned
> > off from the mode argument to open(2) (so, for example, the common
> > umask default value of 022 results in new files being created with
> > per-missions 0666 & ~022 = 0644 = rw-r--r-- in the usual case where the
> > mode is specified as 0666).
> > 
> > And that takes us to open(2):
> > 
> > int open(const char *pathname, int flags, mode_t mode);
> > ...
> > The  argument  mode specifies the permissions to use in case a new file
> > is created. It is modified by the process's umask in the usual way: 
> > the permissions  of  the  created file are (mode & ~umask).  Note that 
> > this mode only applies to future accesses of the  newly  created  file;  
> > the open  call  that  creates a read-only file may well return a 
> > read/write file descriptor.
> > 
> > So, it would stand that the umask is used within the kernel at file 
> > creation time.  If you poke around fs/namei.c in the kernel source, you 
> > can see how sys_mknod() uses this value to figure out the actual mode of 
> > the file.  You'd have to dig into glibc to find where the initial value 
> > comes from.  ISTR that Bill was on the right track -- directories and 
> > files start off with different modes for the umask calculation, 
> > directories are 777 and files 666.
> > 
> > Sean
> > 
> > 
> > On Wed, 9 Feb 2005, Kevin McGregor wrote:
> > 
> > > On second thought (and after checking one book on bash), there may not 
> > > be a "default". If a text editor tries to create a file with permissions 
> > > 666 and umask is 022, then it will be created with 644 instead. So it 
> > > seems to depend on the process creating the file. Gilbert confirms this.
> > > 
> > > John Lange wrote:
> > > > The documentation and examples on umask state that you provide a mask
> > > > that is subtracted from rwx (777) access to generate a default access
> > > > for newly created files.
> > > > 
> > > > It clearly doesn't work this way.
> > > > 
> > > > If you have a umask of 022, newly created files are rw-r--r-- (644). It
> > > > should be rwxr-xr-x (755). The umask is acting like its 033 and indeed
> > > > changing it to 033 has no effect on newly created files.
> > > > 
> > > > However, umask effects directories differently. umask 022 will create
> > > > directories as expected (as 755), and umask 033 will create them as 644.
> > > > 
> > > > So how do you set a umask that will create files as 755?
> > > > 
> > > 
> > > 
> 

-- 
Sean A. Walberg <sean at ertw.com>                    http://www.ertw.com 


More information about the Roundtable mailing list