Macos – set the umask on a specific directory

macosumaskunix

I have a fairly restrictive umask setting (0077). This is fine, except I have one directory in which I'd like a more permissive setting (0002) to all files created anywhere under that directory. Is there a way to set a umask on a specific directory, so all files created beneath it inherit the same permissions?

Best Answer

Use ACL's

setfacl -d -m mask:002 /your/dir/here/

http://man-wiki.net/index.php/1:setfacl

If wanting to have a default for a login, just add a "umask 002" to your .bashrc (or whatever shell you use). All new dirs will use this if logged in under that env.

Related Solutions

Linux – How to make new file permission inherit from the parent directory

You do not want to change your system's default umask, that is a security risk. The sticky bit option will work to some extent, but using ACL's is the best way to go. This is easier than you think. The problem with basic ACL's is that they are not recursive by default. If you set an ACL on a directory, only the files inside that directory inherit the ACL. If you create a subdirectory, it does not get the parent ACL unless the ACL is set to recurse.

First, make sure ACLs are enabled for the volume the directory is on. If you have tune2fs, you can perform the following:

# tune2fs -l /dev/sda1 | grep acl
Default mount options:    user_xattr acl

If you don't have tune2fs, then examine fstabs:

# cat /etc/fstab 
/dev/system/root        /                       ext3    defaults        1 1
/dev/system/home        /home                   ext3    defaults        1 2
/dev/storage/data       /data                   ext3    defaults        1 2
LABEL=/boot             /boot                   ext3    defaults        1 2

The 4th column that says "defaults" means on my system (CentOS 5.5), ACL's are on. When in doubt, leave it as defaults. If you try to set the ACL and it errors out, go back and add the acl option to /etc/fstab right after defaults: defaults,acl.

From what I understand, you want everyone in the users group to have write access to the data directory. That's accomplished by the following:

setfacl -Rm g:users:rwX,d:g:users:rwX data/

Linux – How to set default permissions for files moved or copied to a directory

You can use an ACL (access control list) to set the default permissions for files in a directory.

From man 5 acl:

If a default ACL is associated with a directory, the mode parameter to the functions creating file objects and the default ACL of the directory are used to determine the ACL of the new object:

The new object inherits the default ACL of the containing directory as its access ACL.

The access ACL entries corresponding to the file permission bits are modified so that they contain no permissions that are not contained in the permissions specified by the mode parameter.

To set it up (change device, directories, etc., accordingly):

Edit your /etc/fstab file and add the acl mount option.

/dev/mapper/star-home /home ext3  defaults,acl 0 2

Remount (Samba mount.cifs man page) your filesystem by rebooting or use:

mount -o remount,acl /home

Make sure you have the setfacl and getfacl utilities.

Set the default ACL on the directory (you may also need to set the ACL on existing files):

$ setfacl -m d:user:george:rwx,d:group:sales-g:rwx,d:group:marketing-g:rwx projections

See the linked tutorial for more information.

Source: Tutorial Part 1 and Part 2

Reference: POSIX Access Control Lists on Linux

Best Answer

Related Solutions

Linux – How to make new file permission inherit from the parent directory

Linux – How to set default permissions for files moved or copied to a directory

Related Question