What determines default directory permissions?

Question

In Linux when I create a directory mkdir newdir then the newly created directory has these permissions and ownership: drwxr-xr-x 2 owner group

My Question

How can I make the default permissions for newly created DIRECTORIES be: drwxrwxrwx 2 owner group regardless of who created the directory?

Some research I made

I know that from within a Samba share you can enforce that with directory mask but what if someone goes to the terminal and makes a directory as root and then a regular user comes along and he then won't be able to create files in that directory that the root user made?

I have been playing with ACLs and I understand how to make all newly created FILES have certain permissions.

e.g: setfacl -dRm u::rwX,g::rwX,o::0 newdir/

This makes all files in the newdir folder have permission: -rw-rw---- regardless of who created the file.

I also learnt about "setting the directory group id bit" so that any files (or directories) created in the "newdir" directory will have group ownership equal to the group ownership of the "newdir" directory. chmod g+s newdir/

I have not been able to find out how to make the default permissions for a newly created DIRECTORY be: drwxrwxrwx 2 owner group regardless of who ever created the directory? Maybe it's something to do with umask? Can it be done with ACLs?

score 2 · Accepted Answer · answered Mar 02 '21 at 22:33

Yes you are correct - the default permissions are determined by the umask of the creating process. Unfortunately (unlike the SAMBA mount options, which provide separate dmask and fmask), the shell's umask applies to both directories and files:

$ umask 0000
$ mkdir newdir ; touch newfile
$ ls -ld new{dir,file}
drwxrwxrwx 1 steeldriver steeldriver 512 Mar  2 17:22 newdir
-rw-rw-rw- 1 steeldriver steeldriver   0 Mar  2 17:22 newfile

In any case, you can't control the umask of other user's processes (especially not root's).

score 1 · Answer 2 · answered Mar 02 '21 at 22:05

1

Check the manual (man mkdir):

-m, --mode=MODE
    set file mode (as in chmod), not a=rwx - umask

So you just need to:

mkdir -m 777 newdir

answered Mar 02 '21 at 22:05

schrodingerscatcuriosity

4,306
15
29

score 0 · Answer 3 · answered Mar 02 '21 at 22:24

Not the most efficent idea but it gets the job done. Make a cronjob run by root its one job is to execute the command /usr/bin/chmod -R 0777 /path/to/samba/share. Problem is solved at the interval chosen by you every time it runs that job.

What determines default directory permissions?

3 Answers3