Umask command in Linux with examples
Last Updated :
23 Jul, 2025
The umask command in Linux is used to set default permissions for files or directories the user creates.
How does the umask command work?
- The umask command specifies the permissions that the user does not want to be given out to the newly created file or directory.
- umask works by doing a Bitwise AND with the bitwise complement(where the bits are inverted, i.e. 1 becomes 0 and 0 becomes 1) of the umask.
- The bits which are set in the umask value, refer to the permissions, which are not assigned by default, as these values are subtracted from the maximum permission for files/directories.
How to calculate umask value?
Syntax:
$umask
[The above command will give the following output]
umask command in Linux without parameters (output)pratyay@pratyay-ROG-Strix-G531GT:~/Study/Linux/CommandTrials/umask$ umask
0002
- Here, the first digit, 0 is called the sticky bit, it is a special security feature.
- The next three digits represent the octal values of the umask for a file or directory.
For a better understanding of umask working, we need to understand octal mode security settings. The three rwx permissions (Read-Write-Execute) values are converted into three-bit binary values and represented by a single octal value as shown in the following table:
Permissions | Octal Value | Binary Value | Description |
---|
--- | 0 | 000 | No permission |
--x | 1 | 001 | only permission to execute |
-w- | 2 | 010 | only permission to write |
-wx | 3 | 011 | permission to write and execute |
r-- | 4 | 100 | only permission to read |
r-x | 5 | 101 | permission to read and execute |
rw- | 6 | 110 | permission to read and write |
rwx | 7 | 111 | permission to do all three, i.e. read, write and execute |
Simplification:
Let's understand the above table with an example: Let's explain the previous output we got using umask, 0002
- For a better understanding of the above table, it might seem confusing at first, but it's pretty simple, all you have to remember is the three modes, rwx (read-write-execute).
- the bit for the respective mode, i.e. in 3-bit number, the first bit(leftmost) is for read, then write and execute respectively. In the above example, 0002 is outputted by the umask command, we will be not worrying about the first 0 as of now. the next three digits are 0 0 2.
- Each digit here is for different classes of users, there are a total of 3 classes of users in Linux,
- The owner
- group members
- everyone else
- The above output (0002) means that the umask is restricting write permissions for 'others'. Since umask subtracts from the default permissions:
- For a file (default:
666
), the umask 0002
results in 664
(rw-rw-r--
), meaning others can only read the file. - For a directory (default:
777
), the umask 0002
results in 775
(rwxrwxr-x
), meaning others can only read & execute, but not write."
- The umask
0002
ensures that while owner and group can read & write, others can only read (for files) or read & execute (for directories)
How to set and update the default umask value?
We can set and update the default umask value using the command umask followed by a parameter, which should be an integer ranging from 000-777. The syntax for updating the umask value is the same as setting the umask value.
Setting the umask value:
We can use the umask command to set the default permissions with which the files/directories will be created.
Syntax
$umask 543
umask command in Linux terminal (Setting default umask value)How to calculate umask values for files and directories?
Here, when we execute the command, the values are not directly allocated as 5 for the owner, 4 for the group members and 3 for the others, but the value we pass as an argument is subtracted from the max/full permission set. There are two full permission sets:
- File -> The full permission set for a file is 666 (read/write permission for all)
- Directory -> The full permission set for a directory is 777 (read/write/execute)
Note: The files cannot be given execution permissions by default as it can cause a security concern, and Linux systems are pretty much known for their amazing security, so that wouldn't be good.
So, once we have set the umask value to 543, let's see what happens when we make a directory(7-7-7) and a file(6-6-6)
Making a directory:
- When we make a new directory, the permissions will be calculated as (full permissions for directory) - (umask value) i.e. 777 - 543 = 234
- 234, can be clarified more as:
- 2 for the owner, that is 010 in binary, so write permissions for the owner.
- 3 for the group members, that is 011 in binary, so write and execute permissions for the group members.
- 4 for everyone else, that is 100 in binary, so only read permission for everyone else.
Making a directory with custom set umask- The output shows the following: d-w--wxr--, which is a bit confusing, but when we simplify it, it can be seen as d -w- -wx r--, d here stands for directory and the latter 3 are the permissions for the respective users as we discussed in the previous point.
Making a file:
- When we make a new directory, the permission will be given out similarly but with a slight change as follows: (full permissions for file) - (umask value) i.e. 666-543 = 123
- Linux does not provide execute permissions by default, even if it is specified in the umask.
- 123 can be clarified more as:
- 1 for the owner, that is 001 in binary, so execute permission should be given to the owner, but Linux doesn't give execute permissionMaking a directory:s by default, so, the value is promoted by one and we get 010, and write permission will be granted to the owner.
- 2 for the group members, that is 010 in binary, so write permissions for the group members.
- 3 for everyone else, that is 011 in binary, so write and execute permission for everyone else, but again execute permission cannot be provided, so the value will be promoted one more time, and we will get 100, so read permission will be granted to everyone else.
Making a file using custom set umask- The output shows, --w--w-r-- which can be simplified as - -w- -w- r--, that is write for the owner, write for the group, and read for everyone else.
- Now when we will try to open this file as the owner, we will get access denied, as the owner of the file only has access to write to it.
Trying to open the file without access- So in order to open the file, we would either have to be the admin or be other than owner and group members.
- Opening file as Admin:
Opening file as admin- You can also use symbolic notations with umask. Below in "umask u-w" command 'u' stands for user and '-' is used for remove permission and 'w' stands for write permission.
- Create File named newDir and check permissions.
- In given figure it shows that permission for newDir is "dr-x-wx---" and user's write permission has been removed.
- If you use '+' symbol instead of '-' then it will give corrosponding permission to the user. you can also use 'r' which is used for read permission. ie. umask u+rw
- Now, Give write permission to user and check it's permission by creating an directory.
So, in this way, it is possible to use umask command in order to set default permissions for files and directories. It should be noted that the default permissions for files and directories are different as files do not provide the option to execute by default.
What is the difference between chmod and umask?
- The umask command can be only used on new files i.e. while creating new files, any files created prior to using the umask command will have no effect.
- The chmod command must be used on files that are already present, it is used to change the access permissions of files that have been created earlier.
Thus, we need umask command in order to set the default access permissions for files and directories which will be created in the future, and we need the chmod command in order to change the access permissions for files that have been already created and are present in the system.
Similar Reads
Linux/Unix Tutorial Linux is one of the most widely used open-source operating systems. It's fast, secure, stable, and powers everything from smartphones and servers to cloud platforms and IoT devices. Linux is especially popular among developers, system administrators, and DevOps professionals.Linux is:A Unix-like OS
10 min read
Linux Commands Cheat Sheet Linux, often associated with being a complex operating system primarily used by developers, may not necessarily fit that description entirely. While it can initially appear challenging for beginners, once you immerse yourself in the Linux world, you may find it difficult to return to your previous W
13 min read
25 Basic Linux Commands For Beginners [2025] While performing a task, we all need shortcuts. Shortcuts help us to complete a task quickly. Linux comes with such commands which are one to two words, using that commands, you can perform several operations in no time. As a beginner, you must be aware of those basic Linux commands to complete an o
13 min read
grep command in Unix/Linux The grep command is one of the most useful tools in Linux and Unix systems. It is used to search for specific words, phrases, or patterns inside text files, and shows the matching lines on your screen. Syntax of grep Command in Unix/LinuxThe basic syntax of the `grep` command is as follows:grep [opt
6 min read
Sed Command in Linux/Unix With Examples The SED command (short for Stream Editor) is one of the most powerful tools for text processing in Linux and Unix systems. It's commonly used for tasks like search and replace, text transformation, and stream editing.With SED, you can manipulate text files without opening them in an editor. This mak
8 min read
AWK command in Unix/Linux with examples Awk is a scripting language used for manipulating data and generating reports. The awk command programming language requires no compiling and allows the user to use variables, numeric functions, string functions, and logical operators. Awk is a utility that enables a programmer to write tiny but eff
8 min read
Introduction to Linux Shell and Shell Scripting Whenever we use any modern operating system like Linux, macOS, or Windows we are indirectly interacting with a shell, the program that interprets and executes our commands. While running Ubuntu, Linux Mint, or any other Linux distribution, we are interacting with the shell by using the terminal. In
8 min read
How to Find a File in Linux | Find Command The find command in Linux is used to search for files and directories based on name, type, size, date, or other conditions. It scans the specified directory and its sub directories to locate files matching the given criteria.find command uses are:Search based on modification time (e.g., files edited
9 min read
What is Linux Operating System Linux is based on the UNIX operating system. UNIX is a powerful, multi-user, multitasking operating system originally developed in the 1970s at AT&T Bell Labs. It laid the foundation for many modern operating systems, including Linux.Linux is free and open-source, accessible to everyone.Its sour
11 min read
ZIP command in Linux with examples In Linux, the zip command compresses one or more files or directories into a single.zip archive file. This saves disk space, keeps data organized, and makes it simple to share or backup files. It's among the most used compression utilities, particularly when sharing large files via email or storing
6 min read