I'm trying to set the default umask to 002 for all users including root on my CentOS box.
According to this and other answers, this can be achieved by editing /etc/profile. However the comments at the top of that file say:
It's NOT a good idea to change this file unless you know what you
are doing. It's much better to create a custom.sh shell script in
/etc/profile.d/ to make custom changes to your environment, as this
will prevent the need for merging in future updates.
So I went ahead and created the following file:
/etc/profile.d/myapp.sh
with the single line:
umask 002
Now, when I create a file logged in as root, the file is born with 664 permissions, the way I had hoped. But files created by my Apache mod_wsgi application, or files created with sudo, still default to 644 permissions…
$ touch newfile (as root):
Result = 664 (Works)
$ sudo touch newfile:
Result = 644 (Doesn't work)
Files created by Apache mod_wsgi app:
Result = 644 (Doesn't work)
Files created by Python's RotatingFileHandler:
Result = 644 (Doesn't work)
Why is this happening, and how can I ensure 664 file permissions system wide, no matter what creates the file?
Best Answer
profileis a startup file for the shell. Settingumask 002inprofile.dsets it for all users who start their processes from a login shell.Your two examples are of a different nature. For Apache you might set the umask in the
init.dscript that starts the http server.For processes started with
sudoyou could use theumaskoption in the sudoers file.