Erik, On Tuesday 26 April 2005 09:02, Erik Jakobsen wrote:
Randall R Schulz wrote: ...
Randall Schulz
I have Googled, and have looked at the man:chmod in konqueror, but could you please tell me the effect of doing an umask, as I'm not quite convinced what it is in fact ?.
I've done this before on this list, but here goes... Every time a program creates a file, it specifies a set of permission bits. If the program is a plain file, the program will usually (_usually_, not always) specify 0666 (read+write for owner, group and others). If the program is creating a directory or an executable file, it will usually use 0777 (read+write+execute for owner, group and others). The actual mode of the file that gets created as a result has its mode modified from that specified by the creating program based on the value of the umask. Specifically, each mode bit that is _set_ in the umask is _removed from_ the mode specified by the creating program. So having more bits set in the umask yields files with _less_ permission. Typical umask values are 022 (only the owner will be able to write the file but all will be able to read it). Another common value is 02, which is more permissive: The owner and others in the owner's group will be able to read and write the file; all users will be able to read it. In shared environments such as ISP's that allow so-called "shell" access, it's common to use a umask such as 066 or 077, in which case only the owner can read or write the file. Others would be able to execute an program file (assuming they can get to it in the first place, which often would not be the case) or, if it's a directory, access files within it. The latter case (execute permission on a directory) only permits the directory to be examined by the kernel when looking up a specific file by name. Examining the directory to enumerate its contents (such as what the "ls" command does or the use of wild cards in the shell) requires read access on the directory. The Unix permission scheme is a bit intricate and perhaps arcane, but it makes sense and works well once you understand it. It lacks the fine-grained control possible with ACLs, but they're available, too, nowadays if you want them. But don't ask me about that. I'm not too well versed. Randall Schulz
Erik Jakobsen