Read With no parameter, the command reports the stored mask either as
octal or
symbolic notation, depending on the implementation. In some shells, the option selects symbolic notation. For example: $ umask 0022 $ umask -S u=rwx,g=rx,o=rx
Set as octal Invoked with an octal parameter, the command updates the stored mask to input value: $ umask 007 $ umask 0007 $ umask -S u=rwx,g=rwx,o= As normal for a numeric representation, if fewer than 4 digits are entered, leading zeros are assumed. But the command fails if the input is more than 4 digits. This is notable since some languages (i.e. C) use a leading zero to denote octal format for a literal, but does support this notation. The last three digits encode the user, group and others classes, respectively. If a fourth digit is present, the first digit addresses the three special attributes:
setuid,
setgid and
sticky bit.
Set via symbolic notation When is invoked with a parameter in symbolic notation, it modifies the stored mask so that a newly created file is allowed to have the permissions added and disallowed to have the permissions removed. The logic is backwards from the mask value. Adding a permission clears the associated bit of the mask so that the permission is allowed when a file is created. Removing a permission sets the associated bit so that the permission is disallowed when a file is created. Changes to the mask in symbolic notation are expressed as [
classes]+|-|=
operations; with multiple expressions separated by comma and the last terminated by a space. This syntax does not work in
C shell due to the different behavior of its command. Class is specified as for user, for group, for others or a combination of these letters to select multiple. If not specified or , then all classes are selected, same as . The operator specifies how the mask is modified. allows the specified permissions without changing unspecified permissions. disallows permissions without changing unspecified permissions. = allows the specified permissions and disallows the unspecified permissions of the class. The following table describes the operations (and flags) than can be allowed or prohibited.
Examples Assuming typical a mask value: u=rwx,g=rx,o=rx which allows all permissions except for write for group and others, the following example shows how a new file (created via
touch lacks write for group and others. $ touch foo $ ls -l foo -rwxr-xr-x 1 me developer 6010 Jul 10 17:10 foo The following example disallows write permission for the user class, then creates a file that has no write permission for the user class: $ umask u-w $ umask -S u=rx,g=rx,o=rx $ touch bar $ ls -l bar -r--r--r-- 1 me developer 6010 Jul 10 17:15 bar ==File creation==