Skip to main content

Understanding the umask Command in Linux

The umask command in Linux is used to set the default file and directory permissions when new files and directories are created. It acts as a permissions filter that works in the background. Although umask doesn't change permissions of existing files, it's important for setting the permissions of new files and directories.


The basic syntax of umask is:

umask [OPTION] [MASK]
  • OPTION: Specifies the mode of operation.
  • MASK: The mask value to set. Can be in either octal or symbolic representation.

Options and Their Descriptions

--helpDisplay a help message and exit.
--versionOutput version information and exit.
-SDisplay the mask in symbolic form.
-pOutput in a form that can be reused as input.

Calculating Umask Numbers: A Detailed Guide

Understanding how to calculate the umask number is crucial for managing permissions effectively in a Linux environment. Below, I'll outline the process step-by-step with examples.

Umask and Base Permissions

First, remember that the operating system assigns a "base" set of permissions for newly created files and directories:

  • Files typically have a base permission of 666 (read and write for everyone).
  • Directories typically have a base permission of 777 (full permissions for everyone).

Umask Number

The umask number is subtracted from these base permissions to define the actual permissions of the new files and directories. Each digit in the umask number corresponds to the owner, the group, and the others, respectively.

Calculating Umask: An Example

Let's say you want the following permissions:

  • For files: Read and write for the owner, read for the group, and no permissions for others.
  • For directories: Read, write, and execute for the owner; read and execute for the group; and no permissions for others.

Step 1: Convert Desired Permissions to Octal Numbers

Convert these permissions to octal numbers (read is 4, write is 2, and execute is 1):

  • For files: rw- for the owner is 6, r-- for the group is 4, and --- for others is 0. So, you'd aim for 644.
  • For directories: rwx for the owner is 7, r-x for the group is 5, and --- for others is 0. So, you'd aim for 750.

Step 2: Calculate Umask

Subtract these from the base permissions:

  • For files (666 as the base): 666 - 644 = 022
  • For directories (777 as the base): 777 - 750 = 027

So your umask could be 022 for files and 027 for directories. Note that you can't set separate umask values for files and directories; you have to choose a value that will work for both.


Example 1: Umask 022

To set the umask to 022, you would run:

umask 022

New files would then have permissions of 644 (rw-r--r--), and new directories would have permissions of 755 (rwxr-xr-x).

Example 2: Umask 002

If you want the group to have write permissions on new files, set the umask to 002:

umask 002

Now, new files will have 664 (rw-rw-r--) permissions, and new directories will have 775 (rwxrwxr-x) permissions.

Setting Umask: A Practical Demonstration

Understanding how to set umask in both symbolic and numeric modes is an essential part of Linux permission management. In this example, let's consider a scenario where we want to set specific permissions for new files and directories.

Initial Setup: Creating a Directory and a File

First, let's create a new directory called my_new_directory and a new file named example_file.txt inside it.

# Create a new directory
mkdir my_new_directory

# Navigate to the new directory
cd my_new_directory

# Create a new file
touch example_file.txt

Checking Existing Permissions

To check the existing permissions, use the ls command:

ls -l

Output might look like:

-rw-r--r-- 1 user user 0 Sep 10 10:00 example_file.txt

And for the directory:

ls -ld my_new_directory/

Output might look like:

drwxr-xr-x 2 user user 4096 Sep 10 10:00 my_new_directory/

Choosing a New Umask Value: 027

The umask value 027 can be interpreted as follows:

  • 0 for the owner (subtracting 0 means the owner retains all permissions)
  • 2 for the group (subtracting 2 means removing write permission)
  • 7 for others (subtracting 7 means removing all permissions)

Base Permissions

As before, the base permissions are:

  • Files: 666 (read and write for everyone)
  • Directories: 777 (full permissions for everyone)

Calculating Effective Permissions with umask 027

With a umask value of 027, the effective permissions become:

  • For new files: 666 - 027 = 640 (read and write for owner, read for group, no permissions for others)
  • For new directories: 777 - 027 = 750 (full permissions for owner, read and execute for group, no permissions for others)

Demonstrating the Effect of umask 027

  1. First, set the umask:

    umask 027
  2. Create a new file and directory:

    touch new_file_with_umask_027.txt
    mkdir new_directory_with_umask_027
  3. Check the permissions:

    ls -l new_file_with_umask_027.txt
    ls -ld new_directory_with_umask_027

You should see:

  • File: -rw-r----- (This corresponds to 640, which is read-write for owner, read for group, and no permissions for others)
  • Directory: drwxr-x--- (This corresponds to 750, which is full permissions for owner, read and execute for group, and no permissions for others)

As you can see, setting umask 027 indeed changed the default permissions for newly created files and directories, proving that umask is effective.

Setting Umask: Symbolic Mode

Setting umask in symbolic mode is less common, but it can be done:

# Sets user permissions to read and write, and read permissions for group and others
umask u=rw,g=r,o=r

Create another new file:

touch new_file_symbolic.txt

Check permissions:

ls -l new_file_symbolic.txt

The output might be:

-rw-r--r-- 1 user user 0 Sep 10 10:15 new_file_symbolic.txt


The umask command plays a crucial role in Linux file and directory permission management. Understanding how to set and manipulate umask values will help you maintain a secure and manageable file system.

Remember, you can check the umask man page (man umask) for more detailed information and options.

What Can You Do Next 🙏😊

If you liked the article, consider subscribing to Cloudaffle, my YouTube Channel, where I keep posting in-depth tutorials and all edutainment stuff for software developers.

YouTube @cloudaffle