How To Set Umask for a Specific Folder in Ubuntu

In this article, we will walk you through the process of setting umask for a specific folder in Ubuntu. The umask is a command that determines the settings of a mask that controls how file permissions are set for newly created files. It also influences the permissions that new directories get.

Understanding Umask

The umask command can be used to set the default permissions that are assigned to new files and directories. By default, the umask value is set to 022 in Ubuntu, which means that newly created files will have permissions of 644 (rw-r--r--) and directories will have 755 (rwxr-xr-x).

Let’s break down these permissions:

• rw-r--r--: The owner can read and write the file. Other users can only read the file.
• rwxr-xr-x: The owner can read, write, and execute. Other users can read and execute but not write.

Setting Umask for a Specific Folder

To set the umask value for a specific folder, you have a few options:

Using setfacl

Access Control Lists (ACLs) provide more specific permission definitions compared to traditional permission techniques. setfacl is a command used to set ACLs.

1. Install setfacl if it’s not already available on your system. You can do this by running the following command:

sudo apt-get install acl

2. Run the following command to set the default permissions for the folder:

setfacl -d -m group:name:rwx /path/to/your/dir

In the above command, -d sets the default permissions, -m modifies the ACL, and group:name:rwx sets the permissions for the group name to read, write, and execute. Replace name with the desired group name and /path/to/your/dir with the actual path to your folder.

Revoking Permissions Using chmod

The chmod command changes the permissions of a file or directory.

1. Run the following commands to revoke permissions for others to read files in the folder:

chown www-data:www-data /path/to/your/dir
chmod 2755 /path/to/your/dir

In the chown command, www-data:www-data sets the owner and group of the directory. The chmod command then sets the setgid special file permission, making new files owned by the www-data group with read and execute permissions.

Using Shell Hooks and direnv

direnv is an environment switcher for the shell. It knows how to hook into bash, zsh, tcsh, fish shell, and elvish to load or unload environment variables depending on the current directory.

1. Install direnv if it’s not already available on your system. You can do this by running the following command:

sudo apt-get install direnv

2. Create a .envrc file in the folder and add the following line to set the umask value:

export UMASK=0022

3. Define a hook in your shell configuration file (e.g., .bashrc, .zshrc) to change the umask value when you enter the folder:

function _umask_hook {
 if [[ -n $UMASK ]]; then
 umask "$UMASK"
 else
 umask "$DEFAULT_UMASK"
 fi
}

For zsh, you can use the chpwd hook, and for bash, you can modify the PROMPT_COMMAND variable. Make sure to source your shell configuration file or restart your shell for the changes to take effect.

Conclusion

Setting the umask for a specific folder in Ubuntu can be achieved in several ways. Depending on your specific needs, you may find one method more suitable than the others. Remember to adjust the permissions and group names according to your specific requirements.

setfacl -d -m group:name:rwx /path/to/your/dir

chown www-data:www-data /path/to/your/dir
chmod 2755 /path/to/your/dir