🎁 New User? Get 20% off your first purchase with code NEWUSER20 Register Now →
Menu

Categories

Home » Learn » Linux Commands » umask

umask Command

Intermediate Permissions & Ownership man(1)

Set default file creation permissions

👁 10 views 📅 Updated: Mar 15, 2026
SYNTAX
umask [MODE]

What Does umask Do?

umask sets the default permission mask for newly created files and directories. It determines which permissions are NOT set when creating new files. The umask is subtracted from the maximum permissions.

Default maximum is 666 for files (no execute) and 777 for directories. With umask 022: new files get 644 (666-022), new directories get 755 (777-022).

umask is set in shell configuration (~/.bashrc, ~/.profile) and affects all files created by that shell session. It is a security control that prevents accidentally creating files with excessive permissions.

Options & Flags

OptionDescriptionExample
(no args) Show current umask umask
NNN Set numeric umask umask 027
-S Show symbolic representation umask -S
-p Show in re-usable format umask -p

Practical Examples

#1 Show current umask

Displays the current permission mask.
$ umask
Output: 0022

#2 Show symbolic

Shows umask as symbolic permissions for clarity.
$ umask -S
Output: u=rwx,g=rx,o=rx

#3 Set restrictive umask

New files: 600 (owner only). New directories: 700. Very private.
$ umask 077

#4 Set shared umask

New files: 664. New directories: 775. Group can write.
$ umask 002

#5 Make permanent

Sets umask 027 permanently: files 640, directories 750.
$ echo "umask 027" >> ~/.bashrc

#6 Verify with file creation

Creates a file to verify the umask effect.
$ umask 022; touch test.txt; ls -l test.txt
Output: -rw-r--r-- 1 user user 0 test.txt

Tips & Best Practices

Common umasks: 022 = default (files 644, dirs 755). 077 = private (files 600, dirs 700). 002 = shared (files 664, dirs 775).
umask is subtracted: umask removes permissions. umask 022: from 666 (files) removes group-write and other-write = 644.
Does not change existing files: umask only affects NEW files. Use chmod to change permissions on existing files.

Frequently Asked Questions

What is umask?
umask sets default permissions for new files. It masks (removes) specified permissions. umask 022 means new files get 644 and new directories get 755.
How do I make my default more secure?
umask 077 in ~/.bashrc ensures new files are private (owner-only). Or umask 027 to allow group read.
Why can I not create executable files?
Files start from 666 (no execute). umask only removes. Use chmod +x after creation to add execute.

Related Commands

chmod

Change file and directory permissions

 chown

Change file owner and group

 stat

Display detailed file or filesystem status

 touch

Create empty files or update file timestamps

More Permissions & Ownership Commands

chgrp

Change group ownership of files

 chmod

Change file and directory permissions

 chown

Change file owner and group

 getfacl

Get file access control lists

 setfacl

Set file access control lists for fine-grained permissions
ufw Command 📋 All Commands umount Command →

Master Linux with Professional eBooks

Curated IT eBooks covering Linux, DevOps, Cloud, and more

Browse Books →