DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th October 2020
victorvas victorvas is offline
Real Name: Victor
Linux
 
Join Date: May 2019
Posts: 128
Default Understanding umask

Code:
$ umask 026
$ umask -S
u=rwx,g=rx,o=x
$ touch foo
$ ls -l foo
-rw-r-----
I thought it would be
Code:
-rwxr-x--x
How does it work?
Reply With Quote
  #2   (View Single Post)  
Old 30th October 2020
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,018
Default

Files will often be created using the fopen(3) system call. Looking at that man page shows

Quote:
Any created files will have mode "S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP |
S_IROTH | S_IWOTH" (0666), as modified by the process' umask value (see
umask(2)).
So files are created by this without any execute permissions (0666) requested, and the umask can only strip off more bits (IIRC you AND with the NOT of the umask). I think this probably explains what you're seeing, though I haven't looked at the source code of touch(1).

Last edited by IdOp; 30th October 2020 at 02:34 AM.
Reply With Quote
  #3   (View Single Post)  
Old 30th October 2020
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,798
Default

Wikipedia has a quite good entry about it: https://en.wikipedia.org/wiki/Umask
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #4   (View Single Post)  
Old 30th October 2020
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 306
Default

While we're on topic, is there a way to set the umask for a process? Say my default umask is 022 and I'm creating a file in ed for example or with echo and want it to be written to disk with 077 just for this process (incl. any temporary files that might be created)?
Reply With Quote
  #5   (View Single Post)  
Old 30th October 2020
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,018
Default

This may not be exactly what you want, but you could run it in a sub-shell; e.g.,

% ( umask 0777 ; echo FOO > foooo )

will take away all the usual permissions from the file, while leaving the outer umask unchanged.
Reply With Quote
  #6   (View Single Post)  
Old 30th October 2020
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,798
Default

Shell scripts are usually run as a separate process.

You can set the umask in a shell script so it will only affect the file creating commands of that script.
After the script has ended the umask value of your interactive shell will still be the original.

Code:
#!/bin/sh

FILE=umask_test

[ -f $FILE ] && rm $FILE

cat <<END
Current value of umask: $( umask )
END

umask 066

cat <<END
Current value of umask: $( umask )
END

echo Creating file
touch $FILE
ls -l $FILE

echo End of script .....
Executing it gives:
Code:
j65nko@alix[~]./umask.tst    
Current value of umask: 022
Current value of umask: 066
Creating file
-rw-------  1 j65nko  j65nko  0 Oct 30 22:11 umask_test
End of script .....
j65nko@alix[~]umask
022
j65nko@alix[~]
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #7   (View Single Post)  
Old 30th October 2020
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 306
Default

Quote:
Originally Posted by IdOp View Post
This may not be exactly what you want, but you could run it in a sub-shell; e.g.,

% ( umask 0777 ; echo FOO > foooo )

will take away all the usual permissions from the file, while leaving the outer umask unchanged.
Nice! It even works with a scripted ed session:
Code:
$ cat test.sh
( umask u-w,g-rx,o-rx ; ed <<- EOF
H
a
# By order of the Peaky fookin' Blinders!
.
w foooo
q
EOF
)
touch baaaar

$ umask                                                            
022
$ ls -al foooo baaaar
ls: baaaar: No such file or directory
ls: foooo: No such file or directory
$ ./test.sh
42
$ ls -al foooo baaaar                                               
-rw-r--r--  1 fvgit  fvgit   0 Oct 30 22:12 baaaar
-r--------  1 fvgit  fvgit  42 Oct 30 22:12 foooo
I also played around with install(1) but it wouldn't take input from stdin.
Reply With Quote
  #8   (View Single Post)  
Old 30th October 2020
fvgit's Avatar
fvgit fvgit is offline
Spikes in tights
 
Join Date: May 2016
Location: perl -MMIME::Base64 -le 'print decode_base64("U2hlcndvb2QgRm9yZXN0")'
Posts: 306
Default

@J65enko: My use case was actually a single command from within a larger script. So that that single cmd would have a different umask applied than the remaining commands in the same script. I thought about setting the umask, then running the command and setting the umask again, originally. But I didn't find it really elegant.
Quote:
Originally Posted by J65enko
Shell scripts are usually run as a separate process.

You can set the umask in a shell script so it will only affect the file creating commands of that script.
After the script has ended the umask value of your interactive shell will still be the original.
This hadn't crossed my mind, though.

I'm adding both your and IdOp's examples to my toolchest.
Reply With Quote
  #9   (View Single Post)  
Old 3rd November 2020
sabrina sabrina is offline
Port Guard
 
Join Date: Jun 2020
Posts: 15
Default

This script will show permissions based on current value of umask:
Code:
#!/bin/ksh
typeset -i2 defa
typeset -i onescomp
(( onescomp=~(8#$(umask)) ))
(( defa=(8#666)&onescomp ))
defaultPerm=${defa#*#}
print "\nDefault regular file permissions with current umask ($(umask))"
print " u  g  o"
print "_________"
print "rwxrwxrwx"
print $defaultPerm
print "\nDefault directory file permissions with current umask ($(umask))"
typeset -i2 ddefa
(( ddefa=(8#777)&onescomp ))
defaultPerm=${ddefa#*#}
print " u  g  o"
print '_________'
print 'rwxrwxrwx'
print $defaultPerm
print "\n1s are on, 0s are off\n"
Usage: put this content into ~/permissions
Code:
$ chmod u+x ~/permissions
~/permissions
umask 027
~/permissions
Reply With Quote
Old 12th November 2020
victorvas victorvas is offline
Real Name: Victor
Linux
 
Join Date: May 2019
Posts: 128
Default

If a file has permissions rw--------- und I create a link to it with ln -s, the link has permissions of lrwxr-xr-x. How can I change link's permissions to be lrw--------- ?
Reply With Quote
Old 19th November 2020
victorvas victorvas is offline
Real Name: Victor
Linux
 
Join Date: May 2019
Posts: 128
Talking

Quote:
Originally Posted by victorvas View Post
If a file has permissions rw--------- und I create a link to it with ln -s, the link has permissions of lrwxr-xr-x. How can I change link's permissions to be lrw--------- ?
I found how to do it. chmod -h 600 link
Reply With Quote
Reply

Tags
umask

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Understanding relayd sleepyjoe OpenBSD Security 2 26th April 2020 05:30 AM
understanding tcpdump frcc OpenBSD Security 3 11th April 2013 10:10 PM
Understanding and Community Ninguem Off-Topic 4 31st March 2012 01:22 AM
Help needed with understanding PF rules sparky OpenBSD Security 7 26th March 2012 09:07 PM
Understanding the FreeBSD kernel TomAmundsen FreeBSD General 3 7th July 2008 02:48 PM


All times are GMT. The time now is 01:08 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick