Understanding umask 022 — The Linux Default
How the default umask 022 creates files with 644 and directories with 755 permissions. Configuration, calculation, and best practices.
Detailed Explanation
What Is umask?
The umask (user file-creation mode mask) controls the default permissions assigned to newly created files and directories. It works by removing permission bits from the maximum defaults.
How umask 022 Works
The system starts with maximum defaults:
- Files: 666 (rw-rw-rw-)
- Directories: 777 (rwxrwxrwx)
The umask is then subtracted (technically, bitwise AND with the complement):
Files: 666 & ~022 = 644 (rw-r--r--)
Directories: 777 & ~022 = 755 (rwxr-xr-x)
Breaking Down 022
0 = Owner: no bits removed (keeps rw for files, rwx for dirs)
2 = Group: write bit removed (r-x for dirs, r-- for files)
2 = Others: write bit removed (r-x for dirs, r-- for files)
Checking Current umask
# Display current umask (octal)
umask
# 0022
# Display in symbolic form
umask -S
# u=rwx,g=rx,o=rx
Setting umask
# Temporary (current session only)
umask 022
# Permanent for a user (add to shell profile)
echo "umask 022" >> ~/.bashrc
# System-wide default
# Edit /etc/login.defs: UMASK 022
# Or /etc/profile: umask 022
Why 022 Is the Default
umask 022 provides a practical balance:
- Files are readable by everyone but only writable by the owner
- Directories are traversable by everyone but only modifiable by the owner
- This works well for most single-user and multi-user systems
Common umask Values
| umask | File | Directory | Use Case |
|---|---|---|---|
| 022 | 644 | 755 | Standard default |
| 002 | 664 | 775 | Group collaboration |
| 077 | 600 | 700 | Maximum privacy |
| 027 | 640 | 750 | Production servers |
Use Case
Understanding umask is essential when debugging why newly created files have unexpected permissions. System administrators configure umask to enforce security policies. Developers encounter umask when deployment scripts create files with wrong permissions.
Try It — Linux Permission Reference
Related Topics
umask 077 for Maximum Security — Private File Creation
Umask & Defaults
chmod 644 Explained — Owner Read-Write, Others Read-Only
Common Permissions
chmod 755 Explained — Owner Full, Others Read+Execute
Common Permissions
Linux Directory Permissions Explained — How rwx Differs for Directories
Directory & Web
chmod 664 Explained — Owner+Group Read-Write, Others Read-Only
Directory & Web