umask

Some recent troubleshooting led me to the umask setting on a unix-like OS.

umask
#=> 0022

In computing, a mask is a type of filter that is applied to an action.

And as we learned yesterday, when a file is created it is set with certain permissions for the owner, group and everyone else.

Combine these two concepts and we get umask: the filter for setting the read, write and execute status for a newly created file.

The 0022 umask status mentioned above is a permissive setting. It sets read permissions for all three groups and write permissions for the file owner.

touch 022file.md
#=> -rw-r--r--   022file.md

Let’s change our umask setting and see what happens.

umask 0077
umask
#=> 0077
touch 077file.md
#=> -rw-------  077file.md

As you can see it has only set read and write permissions for the file owner. No one else can even read this file.

don’t forget to change your setting back to the original! Leaving it on 0077 is restrictive and has real consequences

The number settings for umask are in the base-8 or octal format. If you’d like to see your settings in a more human-readable format try this command:

umask -S
#=> u=rwx,g=rx,o=rx

Tip of the day: if you ever have file permission issues in a CI box, you may want to check the umask settings on that box.