What is the umask Linux command?

Linux is an open-source Unix-based operating system similar to the MacOS. Developers and system programmers mostly use it because of its powerful kernel functionalities.

The umask command

The umask command is used to specify the file permissions that must be denied to newly created files and directories.

Let's suppose we have created a new empty directory, and in that directory, we want all the newly created files to have specific permissions. We can do this by manually changing the permissions every time we make a file, but this method requires a lot of time and effort. Another way is to use the umask command so that when a new file is created, it will have the necessary permissions by default.

Syntax

Below we can see the syntax for the umask command.

umask [-p] [-S] [mask]

Now let's discuss what the three placeholders in the above command mean.

  • [-p]: Displays the current mask value, in a numerical form, for the directory in which the command was executed, for example, 0777.

  • [-S]: Displays the current default permissions, in symbolic form, for the directory in which the command was executed, for example, u=rwx,g=rwx,o=rx.

  • [mask]: Here, we specify the permissions we want to deny to the newly created files in the current directory. The value can either be symbolic or in octal format.

How it works

Now that we have gone through the syntax for the umask command, let's understand how the command works to set the new default permissions using an octal mask value.

Below, is the formula that is used to calculate the new permissions

The new default permissions would result from subtracting the octal value from the value 0777.

Example

Let's consider a case where we want to create a new directory, and in the new directory, we want to provide the following permissions u=rwx,g=rwx,o=rxUsers can read, write and execute the file. Group have read write and execute permissions. Other has read and execute permissions they can not write to the files. for all the newly created files. How would we do so?

The permissions u=rwx,g=rwx,o=rxUsers can read, write and execute the file. Group have read write and execute permissions. Other has read and execute permissions they can not write to the files. can be broken down as follows:

  • Owner/user: They can read, write, and execute the files

  • Group users: They can read, write, and execute the files.

  • Others: They can only read and execute, but not write to the file.

The diagram below shows how to retrieve the equivalent octal value of the new permissions.

Illustration depicting the extraction of octal values for new permissions
Illustration depicting the extraction of octal values for new permissions

The diagram shows that the octal values for r, w, and x are 4, 2, and 1. We also see that the final permissions for a specific user type are the sum of the individual octal values.

For the user/owner, we have the permission rwx , so in octal, they sum up to 7 (4+2+1). Similarly, we have the same permissions as the user/owner for the users of the same group, so they also sum up to 7. For others, we define the permissions rx , which in octal sum up to be 5 (4+1).

Finally, we arrange the octal values in the order of User Group Others for the final permissions, which come to 775.

Since our new permissions are equal to 775, we will use the mask value of 0002. The result of the subtraction of 0777 and 0002 will come to 0775, which would be the correct value for the new default permissions.

So, our umask command would be:

umask 0002

Practice the command

Below, we can see the live terminal where we can run the umask command and analyze how it works.

When we run the terminal, we see that we use the umask command to convert the default permissions u=rwx,g=rx,o=rx that were set by the operating system to u=rwx,g=rwx,o=rx by using a mask value of 0002.

Challenge

In the terminal below, try changing the permissions for the newly created files back to the default permissions u=rwx,g=rx,o=rx using the umask command.

To verify if the mask was changed, run the command umask -S.

Terminal 1
Terminal
Loading...

Revision quiz

Now that we have understood what is the umask command and how it is used, let's try to solve the quiz below to test ourselves.

1

The umask value is represented in:

A)

Binary

B)

Decimal

C)

Octal

D)

Hexadecimal

Question 1 of 40 attempted

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved