How to set umask for a specific folder












21














For some obvious reasons I need to set umask value for one specific folder. How can one do that?



Thanks beforehand!



UPDATE 1



The reason I need to use umask for a specific folder is following. I have a web application and when it creates some file the default permission is 700. But I need at least 755 permission for that file. I think I could explain the problem more clearly now.










share|improve this question




















  • 1




    The reasons might be obvious to you, but not to us. Please share what you want to do.
    – htorque
    May 22 '11 at 20:12










  • @htorque. Added the reason why I need to use umask in my specific problem.
    – Bakhtiyor
    May 22 '11 at 20:24
















21














For some obvious reasons I need to set umask value for one specific folder. How can one do that?



Thanks beforehand!



UPDATE 1



The reason I need to use umask for a specific folder is following. I have a web application and when it creates some file the default permission is 700. But I need at least 755 permission for that file. I think I could explain the problem more clearly now.










share|improve this question




















  • 1




    The reasons might be obvious to you, but not to us. Please share what you want to do.
    – htorque
    May 22 '11 at 20:12










  • @htorque. Added the reason why I need to use umask in my specific problem.
    – Bakhtiyor
    May 22 '11 at 20:24














21












21








21


6





For some obvious reasons I need to set umask value for one specific folder. How can one do that?



Thanks beforehand!



UPDATE 1



The reason I need to use umask for a specific folder is following. I have a web application and when it creates some file the default permission is 700. But I need at least 755 permission for that file. I think I could explain the problem more clearly now.










share|improve this question















For some obvious reasons I need to set umask value for one specific folder. How can one do that?



Thanks beforehand!



UPDATE 1



The reason I need to use umask for a specific folder is following. I have a web application and when it creates some file the default permission is 700. But I need at least 755 permission for that file. I think I could explain the problem more clearly now.







permissions umask






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited May 22 '11 at 20:23

























asked May 22 '11 at 20:02









Bakhtiyor

4,339185676




4,339185676








  • 1




    The reasons might be obvious to you, but not to us. Please share what you want to do.
    – htorque
    May 22 '11 at 20:12










  • @htorque. Added the reason why I need to use umask in my specific problem.
    – Bakhtiyor
    May 22 '11 at 20:24














  • 1




    The reasons might be obvious to you, but not to us. Please share what you want to do.
    – htorque
    May 22 '11 at 20:12










  • @htorque. Added the reason why I need to use umask in my specific problem.
    – Bakhtiyor
    May 22 '11 at 20:24








1




1




The reasons might be obvious to you, but not to us. Please share what you want to do.
– htorque
May 22 '11 at 20:12




The reasons might be obvious to you, but not to us. Please share what you want to do.
– htorque
May 22 '11 at 20:12












@htorque. Added the reason why I need to use umask in my specific problem.
– Bakhtiyor
May 22 '11 at 20:24




@htorque. Added the reason why I need to use umask in my specific problem.
– Bakhtiyor
May 22 '11 at 20:24










5 Answers
5






active

oldest

votes


















29














you could use setfacl



setfacl -d -m group:name:rwx /path/to/your/dir


Where name is the group name



To find which groups you or a specific user belong see In unix/linux how do you find out what group a given user is in via command line?






share|improve this answer



















  • 1




    Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
    – Ryan Burnette
    Jan 10 '15 at 19:51










  • Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
    – sergk
    Feb 4 '15 at 3:10










  • pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
    – Wyatt8740
    Feb 11 '16 at 0:05



















11














You cannot set umask per directory, it's a process-level value. If you need to prevent others from reading files in a directory, revoke the corresponding permissions bits.



For example, if you've a directory /home/user/directory with some files and directories which can get permissions like 777 from a process, set the permission bits of /home/user/directory to something like 700. That will make it impossible for other users (excluding the superuser root) to descend in /home/user/directory.



I'm paranoid and set the permissions on /home/user to 750, so only I can read, write and descend in my home directory. This has as consequence that folders like /home/user/Public cannot be accessed by others, but I can live with that.





Per update of your question: still, you cannot control that in the filesystem (other than using a different filesystem type like FAT which is strongly discougared), you need to do that in your webapp. If your webapp is coded in PHP, you can change the umask on the fly using the umask function:



<?php
umask(0022);
// other code
?>


You could put this in a configuration file, like the file containing the database connection password (thinking in apps like Wordpress).



Remember that it's a process value, some webservers allow you to set it in their configuration files, otherwise you could modify the startup scripts to set the desired umask. Remember that permissions like 755 and 644 are quite dangerous for webapps, if the code is sensitive, everyone can read it.






share|improve this answer























  • I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
    – Adrian Günter
    May 8 at 15:52



















1














To change permissions for a folder use chmod. umask is for files.



Set umask to what you need by



umask xxx


and change back when your done



umask 022





share|improve this answer



















  • 9




    umask = files and directories, fmask = only files, dmask = only directories. :P
    – htorque
    May 22 '11 at 20:15










  • I learned something new today :)
    – wojox
    May 22 '11 at 20:23






  • 1




    Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
    – htorque
    May 22 '11 at 20:54










  • umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
    – Mr. Dave
    May 3 '17 at 14:57



















0














Another solution might be to just set the group id on files created in the directory, which makes the new files owned by the directory group id, instead of the group id of the user that created the files. So I think you could just do:



chown www-data:www-data /my/folder



chmod 4755 /my/folder



This sets the setgid special file permission, which would cause all files created in /my/folder to be owned by the www-data group, which has then has rx (5) permission because of the parent directory.






share|improve this answer

















  • 1




    You have mistaken the GUID for the SUID octal value
    – adampski
    Jan 23 at 21:44



















0














Related, but maybe not applicable in this case, the following clip is from .zshrc:



# Change the umask automatically for some directories; use 0022 as the default
chpwd () {
case $PWD in
$HOME/[Dd]ocuments*)
if [[ $(umask) -ne 077 ]]; then
umask 0077
echo -e "33[01;32mumask: private 33[m"
fi;;
*/[Ww]eb*)
if [[ $(umask) -ne 072 ]]; then
umask 0072
echo -e "33[01;33mumask: other readable 33[m"
fi;;
/vol/nothing)
if [[ $(umask) -ne 002 ]]; then
umask 0002
echo -e "33[01;35mumask: group writable 33[m"
fi;;
*)
if [[ $(umask) -ne 022 ]]; then
umask 0022
echo -e "33[01;31mumask: world readable 33[m"
fi;;
esac
}


So for interactive use, something like that would work (but, obviously, not to provide security).






share|improve this answer





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f44534%2fhow-to-set-umask-for-a-specific-folder%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    5 Answers
    5






    active

    oldest

    votes








    5 Answers
    5






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    29














    you could use setfacl



    setfacl -d -m group:name:rwx /path/to/your/dir


    Where name is the group name



    To find which groups you or a specific user belong see In unix/linux how do you find out what group a given user is in via command line?






    share|improve this answer



















    • 1




      Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
      – Ryan Burnette
      Jan 10 '15 at 19:51










    • Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
      – sergk
      Feb 4 '15 at 3:10










    • pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
      – Wyatt8740
      Feb 11 '16 at 0:05
















    29














    you could use setfacl



    setfacl -d -m group:name:rwx /path/to/your/dir


    Where name is the group name



    To find which groups you or a specific user belong see In unix/linux how do you find out what group a given user is in via command line?






    share|improve this answer



















    • 1




      Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
      – Ryan Burnette
      Jan 10 '15 at 19:51










    • Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
      – sergk
      Feb 4 '15 at 3:10










    • pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
      – Wyatt8740
      Feb 11 '16 at 0:05














    29












    29








    29






    you could use setfacl



    setfacl -d -m group:name:rwx /path/to/your/dir


    Where name is the group name



    To find which groups you or a specific user belong see In unix/linux how do you find out what group a given user is in via command line?






    share|improve this answer














    you could use setfacl



    setfacl -d -m group:name:rwx /path/to/your/dir


    Where name is the group name



    To find which groups you or a specific user belong see In unix/linux how do you find out what group a given user is in via command line?







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited May 23 '17 at 12:39









    Community

    1




    1










    answered Nov 14 '12 at 16:31









    yogi70

    29132




    29132








    • 1




      Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
      – Ryan Burnette
      Jan 10 '15 at 19:51










    • Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
      – sergk
      Feb 4 '15 at 3:10










    • pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
      – Wyatt8740
      Feb 11 '16 at 0:05














    • 1




      Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
      – Ryan Burnette
      Jan 10 '15 at 19:51










    • Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
      – sergk
      Feb 4 '15 at 3:10










    • pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
      – Wyatt8740
      Feb 11 '16 at 0:05








    1




    1




    Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
    – Ryan Burnette
    Jan 10 '15 at 19:51




    Perhaps setfacl has changed. I am getting an error stating that -m is not a valid option.
    – Ryan Burnette
    Jan 10 '15 at 19:51












    Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
    – sergk
    Feb 4 '15 at 3:10




    Ryan, setfacl is not changed. Most likely you have't provided proper group name (after -m).
    – sergk
    Feb 4 '15 at 3:10












    pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
    – Wyatt8740
    Feb 11 '16 at 0:05




    pretty sure setfacl is for access control lists and not umask. A better solution but not actually what was asked, I don't think.
    – Wyatt8740
    Feb 11 '16 at 0:05













    11














    You cannot set umask per directory, it's a process-level value. If you need to prevent others from reading files in a directory, revoke the corresponding permissions bits.



    For example, if you've a directory /home/user/directory with some files and directories which can get permissions like 777 from a process, set the permission bits of /home/user/directory to something like 700. That will make it impossible for other users (excluding the superuser root) to descend in /home/user/directory.



    I'm paranoid and set the permissions on /home/user to 750, so only I can read, write and descend in my home directory. This has as consequence that folders like /home/user/Public cannot be accessed by others, but I can live with that.





    Per update of your question: still, you cannot control that in the filesystem (other than using a different filesystem type like FAT which is strongly discougared), you need to do that in your webapp. If your webapp is coded in PHP, you can change the umask on the fly using the umask function:



    <?php
    umask(0022);
    // other code
    ?>


    You could put this in a configuration file, like the file containing the database connection password (thinking in apps like Wordpress).



    Remember that it's a process value, some webservers allow you to set it in their configuration files, otherwise you could modify the startup scripts to set the desired umask. Remember that permissions like 755 and 644 are quite dangerous for webapps, if the code is sensitive, everyone can read it.






    share|improve this answer























    • I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
      – Adrian Günter
      May 8 at 15:52
















    11














    You cannot set umask per directory, it's a process-level value. If you need to prevent others from reading files in a directory, revoke the corresponding permissions bits.



    For example, if you've a directory /home/user/directory with some files and directories which can get permissions like 777 from a process, set the permission bits of /home/user/directory to something like 700. That will make it impossible for other users (excluding the superuser root) to descend in /home/user/directory.



    I'm paranoid and set the permissions on /home/user to 750, so only I can read, write and descend in my home directory. This has as consequence that folders like /home/user/Public cannot be accessed by others, but I can live with that.





    Per update of your question: still, you cannot control that in the filesystem (other than using a different filesystem type like FAT which is strongly discougared), you need to do that in your webapp. If your webapp is coded in PHP, you can change the umask on the fly using the umask function:



    <?php
    umask(0022);
    // other code
    ?>


    You could put this in a configuration file, like the file containing the database connection password (thinking in apps like Wordpress).



    Remember that it's a process value, some webservers allow you to set it in their configuration files, otherwise you could modify the startup scripts to set the desired umask. Remember that permissions like 755 and 644 are quite dangerous for webapps, if the code is sensitive, everyone can read it.






    share|improve this answer























    • I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
      – Adrian Günter
      May 8 at 15:52














    11












    11








    11






    You cannot set umask per directory, it's a process-level value. If you need to prevent others from reading files in a directory, revoke the corresponding permissions bits.



    For example, if you've a directory /home/user/directory with some files and directories which can get permissions like 777 from a process, set the permission bits of /home/user/directory to something like 700. That will make it impossible for other users (excluding the superuser root) to descend in /home/user/directory.



    I'm paranoid and set the permissions on /home/user to 750, so only I can read, write and descend in my home directory. This has as consequence that folders like /home/user/Public cannot be accessed by others, but I can live with that.





    Per update of your question: still, you cannot control that in the filesystem (other than using a different filesystem type like FAT which is strongly discougared), you need to do that in your webapp. If your webapp is coded in PHP, you can change the umask on the fly using the umask function:



    <?php
    umask(0022);
    // other code
    ?>


    You could put this in a configuration file, like the file containing the database connection password (thinking in apps like Wordpress).



    Remember that it's a process value, some webservers allow you to set it in their configuration files, otherwise you could modify the startup scripts to set the desired umask. Remember that permissions like 755 and 644 are quite dangerous for webapps, if the code is sensitive, everyone can read it.






    share|improve this answer














    You cannot set umask per directory, it's a process-level value. If you need to prevent others from reading files in a directory, revoke the corresponding permissions bits.



    For example, if you've a directory /home/user/directory with some files and directories which can get permissions like 777 from a process, set the permission bits of /home/user/directory to something like 700. That will make it impossible for other users (excluding the superuser root) to descend in /home/user/directory.



    I'm paranoid and set the permissions on /home/user to 750, so only I can read, write and descend in my home directory. This has as consequence that folders like /home/user/Public cannot be accessed by others, but I can live with that.





    Per update of your question: still, you cannot control that in the filesystem (other than using a different filesystem type like FAT which is strongly discougared), you need to do that in your webapp. If your webapp is coded in PHP, you can change the umask on the fly using the umask function:



    <?php
    umask(0022);
    // other code
    ?>


    You could put this in a configuration file, like the file containing the database connection password (thinking in apps like Wordpress).



    Remember that it's a process value, some webservers allow you to set it in their configuration files, otherwise you could modify the startup scripts to set the desired umask. Remember that permissions like 755 and 644 are quite dangerous for webapps, if the code is sensitive, everyone can read it.







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited May 22 '11 at 20:26

























    answered May 22 '11 at 20:18









    Lekensteyn

    120k48263354




    120k48263354












    • I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
      – Adrian Günter
      May 8 at 15:52


















    • I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
      – Adrian Günter
      May 8 at 15:52
















    I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
    – Adrian Günter
    May 8 at 15:52




    I know this is ancient, but I figure it's worth mentioning: the administrator can bind mount /home/user/Public (mount -o bind /home/user/Public /some/other/place) to work around the parent directory permissions issue.
    – Adrian Günter
    May 8 at 15:52











    1














    To change permissions for a folder use chmod. umask is for files.



    Set umask to what you need by



    umask xxx


    and change back when your done



    umask 022





    share|improve this answer



















    • 9




      umask = files and directories, fmask = only files, dmask = only directories. :P
      – htorque
      May 22 '11 at 20:15










    • I learned something new today :)
      – wojox
      May 22 '11 at 20:23






    • 1




      Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
      – htorque
      May 22 '11 at 20:54










    • umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
      – Mr. Dave
      May 3 '17 at 14:57
















    1














    To change permissions for a folder use chmod. umask is for files.



    Set umask to what you need by



    umask xxx


    and change back when your done



    umask 022





    share|improve this answer



















    • 9




      umask = files and directories, fmask = only files, dmask = only directories. :P
      – htorque
      May 22 '11 at 20:15










    • I learned something new today :)
      – wojox
      May 22 '11 at 20:23






    • 1




      Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
      – htorque
      May 22 '11 at 20:54










    • umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
      – Mr. Dave
      May 3 '17 at 14:57














    1












    1








    1






    To change permissions for a folder use chmod. umask is for files.



    Set umask to what you need by



    umask xxx


    and change back when your done



    umask 022





    share|improve this answer














    To change permissions for a folder use chmod. umask is for files.



    Set umask to what you need by



    umask xxx


    and change back when your done



    umask 022






    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited May 22 '11 at 20:25

























    answered May 22 '11 at 20:09









    wojox

    7,57612955




    7,57612955








    • 9




      umask = files and directories, fmask = only files, dmask = only directories. :P
      – htorque
      May 22 '11 at 20:15










    • I learned something new today :)
      – wojox
      May 22 '11 at 20:23






    • 1




      Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
      – htorque
      May 22 '11 at 20:54










    • umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
      – Mr. Dave
      May 3 '17 at 14:57














    • 9




      umask = files and directories, fmask = only files, dmask = only directories. :P
      – htorque
      May 22 '11 at 20:15










    • I learned something new today :)
      – wojox
      May 22 '11 at 20:23






    • 1




      Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
      – htorque
      May 22 '11 at 20:54










    • umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
      – Mr. Dave
      May 3 '17 at 14:57








    9




    9




    umask = files and directories, fmask = only files, dmask = only directories. :P
    – htorque
    May 22 '11 at 20:15




    umask = files and directories, fmask = only files, dmask = only directories. :P
    – htorque
    May 22 '11 at 20:15












    I learned something new today :)
    – wojox
    May 22 '11 at 20:23




    I learned something new today :)
    – wojox
    May 22 '11 at 20:23




    1




    1




    Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
    – htorque
    May 22 '11 at 20:54




    Actually that are options for certain file systems like NTFS (not that file creation mask setting command umask). Sorry for adding confusing information.
    – htorque
    May 22 '11 at 20:54












    umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
    – Mr. Dave
    May 3 '17 at 14:57




    umask changes the file-creation mask for the current process (the current shell), if you have a different shell open or user-owned process, I don't believe it will be affected. This command will also affect any other files created outside of the directory until you change it back.
    – Mr. Dave
    May 3 '17 at 14:57











    0














    Another solution might be to just set the group id on files created in the directory, which makes the new files owned by the directory group id, instead of the group id of the user that created the files. So I think you could just do:



    chown www-data:www-data /my/folder



    chmod 4755 /my/folder



    This sets the setgid special file permission, which would cause all files created in /my/folder to be owned by the www-data group, which has then has rx (5) permission because of the parent directory.






    share|improve this answer

















    • 1




      You have mistaken the GUID for the SUID octal value
      – adampski
      Jan 23 at 21:44
















    0














    Another solution might be to just set the group id on files created in the directory, which makes the new files owned by the directory group id, instead of the group id of the user that created the files. So I think you could just do:



    chown www-data:www-data /my/folder



    chmod 4755 /my/folder



    This sets the setgid special file permission, which would cause all files created in /my/folder to be owned by the www-data group, which has then has rx (5) permission because of the parent directory.






    share|improve this answer

















    • 1




      You have mistaken the GUID for the SUID octal value
      – adampski
      Jan 23 at 21:44














    0












    0








    0






    Another solution might be to just set the group id on files created in the directory, which makes the new files owned by the directory group id, instead of the group id of the user that created the files. So I think you could just do:



    chown www-data:www-data /my/folder



    chmod 4755 /my/folder



    This sets the setgid special file permission, which would cause all files created in /my/folder to be owned by the www-data group, which has then has rx (5) permission because of the parent directory.






    share|improve this answer












    Another solution might be to just set the group id on files created in the directory, which makes the new files owned by the directory group id, instead of the group id of the user that created the files. So I think you could just do:



    chown www-data:www-data /my/folder



    chmod 4755 /my/folder



    This sets the setgid special file permission, which would cause all files created in /my/folder to be owned by the www-data group, which has then has rx (5) permission because of the parent directory.







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Jul 11 '17 at 8:49









    Bastiaan

    1




    1








    • 1




      You have mistaken the GUID for the SUID octal value
      – adampski
      Jan 23 at 21:44














    • 1




      You have mistaken the GUID for the SUID octal value
      – adampski
      Jan 23 at 21:44








    1




    1




    You have mistaken the GUID for the SUID octal value
    – adampski
    Jan 23 at 21:44




    You have mistaken the GUID for the SUID octal value
    – adampski
    Jan 23 at 21:44











    0














    Related, but maybe not applicable in this case, the following clip is from .zshrc:



    # Change the umask automatically for some directories; use 0022 as the default
    chpwd () {
    case $PWD in
    $HOME/[Dd]ocuments*)
    if [[ $(umask) -ne 077 ]]; then
    umask 0077
    echo -e "33[01;32mumask: private 33[m"
    fi;;
    */[Ww]eb*)
    if [[ $(umask) -ne 072 ]]; then
    umask 0072
    echo -e "33[01;33mumask: other readable 33[m"
    fi;;
    /vol/nothing)
    if [[ $(umask) -ne 002 ]]; then
    umask 0002
    echo -e "33[01;35mumask: group writable 33[m"
    fi;;
    *)
    if [[ $(umask) -ne 022 ]]; then
    umask 0022
    echo -e "33[01;31mumask: world readable 33[m"
    fi;;
    esac
    }


    So for interactive use, something like that would work (but, obviously, not to provide security).






    share|improve this answer


























      0














      Related, but maybe not applicable in this case, the following clip is from .zshrc:



      # Change the umask automatically for some directories; use 0022 as the default
      chpwd () {
      case $PWD in
      $HOME/[Dd]ocuments*)
      if [[ $(umask) -ne 077 ]]; then
      umask 0077
      echo -e "33[01;32mumask: private 33[m"
      fi;;
      */[Ww]eb*)
      if [[ $(umask) -ne 072 ]]; then
      umask 0072
      echo -e "33[01;33mumask: other readable 33[m"
      fi;;
      /vol/nothing)
      if [[ $(umask) -ne 002 ]]; then
      umask 0002
      echo -e "33[01;35mumask: group writable 33[m"
      fi;;
      *)
      if [[ $(umask) -ne 022 ]]; then
      umask 0022
      echo -e "33[01;31mumask: world readable 33[m"
      fi;;
      esac
      }


      So for interactive use, something like that would work (but, obviously, not to provide security).






      share|improve this answer
























        0












        0








        0






        Related, but maybe not applicable in this case, the following clip is from .zshrc:



        # Change the umask automatically for some directories; use 0022 as the default
        chpwd () {
        case $PWD in
        $HOME/[Dd]ocuments*)
        if [[ $(umask) -ne 077 ]]; then
        umask 0077
        echo -e "33[01;32mumask: private 33[m"
        fi;;
        */[Ww]eb*)
        if [[ $(umask) -ne 072 ]]; then
        umask 0072
        echo -e "33[01;33mumask: other readable 33[m"
        fi;;
        /vol/nothing)
        if [[ $(umask) -ne 002 ]]; then
        umask 0002
        echo -e "33[01;35mumask: group writable 33[m"
        fi;;
        *)
        if [[ $(umask) -ne 022 ]]; then
        umask 0022
        echo -e "33[01;31mumask: world readable 33[m"
        fi;;
        esac
        }


        So for interactive use, something like that would work (but, obviously, not to provide security).






        share|improve this answer












        Related, but maybe not applicable in this case, the following clip is from .zshrc:



        # Change the umask automatically for some directories; use 0022 as the default
        chpwd () {
        case $PWD in
        $HOME/[Dd]ocuments*)
        if [[ $(umask) -ne 077 ]]; then
        umask 0077
        echo -e "33[01;32mumask: private 33[m"
        fi;;
        */[Ww]eb*)
        if [[ $(umask) -ne 072 ]]; then
        umask 0072
        echo -e "33[01;33mumask: other readable 33[m"
        fi;;
        /vol/nothing)
        if [[ $(umask) -ne 002 ]]; then
        umask 0002
        echo -e "33[01;35mumask: group writable 33[m"
        fi;;
        *)
        if [[ $(umask) -ne 022 ]]; then
        umask 0022
        echo -e "33[01;31mumask: world readable 33[m"
        fi;;
        esac
        }


        So for interactive use, something like that would work (but, obviously, not to provide security).







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 15 at 19:57









        Ville

        1113




        1113






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f44534%2fhow-to-set-umask-for-a-specific-folder%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            數位音樂下載

            When can things happen in Etherscan, such as the picture below?

            格利澤436b