File Permissions with umask
Oracle UNIX/Linux Tips by Burleson Consulting
Change default file permissions with
As we noted in Chapter 1, the umask and
chmod commands are often used by the Oracle DBA to allow other UNIX
users the ability to read and execute Oracle files.
For example, if we want to create a file
with read-write permission for the Oracle user and ready-only
permissions for everybody else, we can set the umask to 022:
1 oracle dba
0 Aug 13 09:36 dumpfile.trc
Setting Default Permissions Using a File Mask
By default, Linux permissions for new directories are
typically set to 755 allowing read, write, and execute permissions to user and
only read and execute to group and other users. Conversely, file permissions
default to 644 allowing read and write access to user but only read to group and
others. These defaults are controlled by the user file-creation mask or umask.
A user or administrator may want to change the Linux
default permissions by using the umask command in a login script. The umask
command can be used without specifying any arguments to determine what the
current default permissions are. The value displayed by umask must be
subtracted from the defaults of 777 for directories and 666 for files to
determine the current defaults. A typical umask which will generate the
permissions listed in the previous paragraph would be 0022. The first digit
pertains to the sticky bit which will be explained further later in this
The ?S option can be used to see the current default
permissions displayed in the alpha symbolic format. Default permissions can be
changed by specifying the mode argument to umask within the user?s shell profile
The following are some examples.
Using umask to Set Default Permissions
$ umask -S
$ umask 033
$ umask -S
The default umask will cause users to create files which
any user can read. In many instances where you have a multi-user system this is
not desirable and a more appropriate umask may be 077. That umask will enforce
the default permissions to be read, write and execute for the owner and no
permissions for the group and other users.
There are a few special permission mode settings that
are worthy of noting. Table 6.3 below contains a few of these special settings.
If you like Oracle tuning, see the
Tuning: The Definitive Reference", with 950 pages of tuning
tips and scripts.
You can buy it direct from the publisher for 30%-off and get
instant access to the code depot of Oracle tuning scripts.