Symptoms
You may find that files and directories are created with incorrect or unexpected permissions.
Description
A few factors can influence the permissions that files are created with. These are covered below.
Workaround
Non-standard umask
In the case that permissions are not specified, the umask value is subtracted from the default files and directory permission to obtain the final permissions that will be used. If the umask is non-standard, this may result in incorrect or unexpected permissions being used. The default umask is 0022, and it can be checked with the following command.
[root@server ~]# umask
0022
The following configuration files can be used to change the default UMASK value:
- /etc/login.defs
- /etc/profile
- /etc/bashrc
- /home/$username/.bashrc
Custom FACLs
File Access Control Lists for a directory may influence the permissions for files and directories created inside of it. The default FACL will show just the basic permissions of the directory, as shown below.
[root@server ~]# ll -d /root/
dr-xr-x---. 13 root root 4096 Jan 00 00:00 /root/
[root@server ~]# getfacl /root
getfacl: Removing leading '/' from absolute path names
# file: root
# owner: root
# group: root
user::r-x
group::r-x
other::---
Configuration files
If the file is generated by a service or daemon, there may be a setting for the permissions to be used. This will vary depending on the specific service or daemon, and you will need to consult the documentation for it.