Why does umask 077 not allow the user to execute files/directories?

umask

Solution 1:

When you use a umask of 077 only the user has read, write and execute permissions. The user definitely will be able to open ('execute') directories (see more on why directories have to be executable in my answer here). However, files must always be made executable by entering chmod u+x myfile; they are never automatically executable. Some more useful information on umask is given in this answer:

  • What is "umask" and how does it work?

The likely possibility for your problems is that you have perhaps entered the value slightly incorrectly, which has resulted in a different umask, or that the value has not been permanently set. If you enter umask 077 in the terminal it will only hold good for that session of the terminal; to make it permanent for your user simply add umask 077 to your ~/.profile. The system default setting for umask is in /etc/login.defs; it used to be in /etc/profile. See also the manpage for pam_umask, which is a pam module that handles the assignment of umask.

The following examples are from a successful setting of umask 077:

1) For folder creation: mkdir doc checked with stat doc gave the correct permissions and an 'executable' folder:

File: `doc'
  Size: 4096        Blocks: 8          IO Block: 4096   directory
Device: 801h/2049d  Inode: 6425268     Links: 2
Access: (0700/drwx------)  Uid: ( 1000/    mike)   Gid: ( 1000/    mike)
Access: 2012-09-12 11:33:01.236675420 +0100
Modify: 2012-09-12 11:33:01.236675420 +0100
Change: 2012-09-12 11:33:01.236675420 +0100
 Birth: -

2) For file creation: touch new checked with stat new gave the correct permissions; the file is only made executable when you use chmod +x:

File: `new'
  Size: 0           Blocks: 0          IO Block: 4096   regular empty file
Device: 801h/2049d  Inode: 6303902     Links: 1
Access: (0600/-rw-------)  Uid: ( 1000/    mike)   Gid: ( 1000/    mike)
Access: 2012-09-12 11:34:58.272676270 +0100
Modify: 2012-09-12 11:34:58.272676270 +0100
Change: 2012-09-12 11:34:58.272676270 +0100

A umask of 077 will give the permissions shown, but if you still have problems with permissions after setting umask 077 properly (as discussed further above) we can look into it further.

Solution 2:

The umask value will be used to appropriately modify the default fmask for file permissions (base permission 0666) and dmask for directory/folder permissions (base permission 0777).

The effective fmask and dmask values will be calculated by deducting the umask value (Octal calculations).

So a umask 0022 would result in fmask to get a value 0644 (i.e. 0666 - 0022) while dmask would be 0755 (i.e. 0777 - 0022).

The umask 0077 prevent files from being created with any access not only to the world (indicated by the ultimate octal digit) but also your group members (indicated by the penultimate octal digit).

Reference:

  • umask

Related

Transmission not downloading
Will the Intel Bay Trail CPU problem be fixed in 17.04?
What is the difference between Software Updater and Ubuntu Software Updates?
How to remove Change Desktop Background from right click?
What is Ubuntu's Definition of a "Registered Application"?
Alt-tab crashes gnome classic desktop (12.04)
How to disable automatic suspend warning
Can't get service noip2 to start on boot [duplicate]
How to set temperature warnings to avoid overheat?
How can I access system mail in /var/mail/ via thunderbird?
Excluding certain files and directories when deleting files
How to get conky work even in lock screen?