Hello linux gurus, I hope you can assist me on this. A little background info first: I currently run a web server on Redhat 7.1, it's web documents directory is /www/. I do all of my work on a windows machine, using Samba to access the linux box.

When I create a new file on the windows box and drop it into the /www/ directory, it is assigned a 744 permission, which blocks people on the internet from accessing the file (403 forbidden) for some reason, it works fine with 755. So, everytime I add a file, I have to "chmod -R /www/" the whole directory. Im sure there is a way to automatically set all new files on the server, or just that directory, to a 755 permission, but I have no idea how.

How do I make a folder (/www/) automatically set all files added to it to 755 permission?

I have heard of umask, but I have no idea how to use it.

Thanks in advance for your help

The perms '744' are

rwxr--r--

which means that the 'user' or 'owner' can read, write and 'execute' (open) the directory, while 'group' and 'other' (the rest of the world) can simply read the directory. All they can do it see that it's there.

On the other hand, the perms '755' are

rwxr-xr-x

...so the execute bit is set for user, group and other, allowing everyone to open the dir and peek inside.

Once you chmod the entire dir to be 755, all files and dirs within become executable, perhaps not the best thing in all cases. Especially if its a cgi-bin with insecure or untested scripts you dont want everyone to be able to execute.

At any rate, to answer your question, you add the 'umask' to the users profile, either in the /etc/profile or in their home directories ~/.profile or ~/.bash_profile. The umask '022' will give a '755' perm on all files and dirs that user creates. I'm not certain on files exported from samba, however. You may just have to chmod files and dirs by hand after they are sent over. Perhaps someone that uses samba for this task could shed some light. IMHO, as long as you've already set the 'www' dir 755, you should be good to go.

The umask command allows you to display or set the default file creation mask for a particular user. At the moment your file creation mask is set to 744 for whatever user it is that you are logging in with.

You can change this by putting the following line in either that users .profile or .login file:

umask 755

That sets the default file creation mask to 755, so when the file is created by that user it will have the permissions you specified.

You could also alter this in the /etc/profile file, but this file controls the environmental settings for all users so if you wanted other users to have different permissions you would have to specify them in each .login or .profile file for each individual user.

It sounds as if you would only want this ability for a few users (or possibly only one) so I'd only use the put the umask line in for that individual user and leave the /etc/profile settings as they are.

One other handy tip, if your not certain how a command is used in linux you can use the command:

man umask

The man command will pull up the manual page for the command in question and give you a lot more information on that specific command.

Stepdad

Originally posted by stepdad:
<STRONG>

umask 755

That sets the default file creation mask to 755... </STRONG>

No, that sets it to 022, which would be pretty useless to anyone. Remember, the umask is the inverse of the actual perms you want to use. Thus, a umask of 022 gives you files and dirs with the perms 755, it's inverse.

I really dont think umask is going to help anyway; he's using a Windows box and Samba to send files over; I'm not certain the user's umask even comes into play with Samba.

Thanks everyone, Ill give your suggestions a try.

here's a sample from my smb.conf file for my Homes shares.

[homes]
comment = Home Directories
writeable = Yes
create mask = 0644

And that adheres a 644 permission on each file inserted into that directory?

I just tried that, and it isnt working for me, this is from my smb.conf

[homes]
comment = Home Directories
browseable = yes
writable = yes
create mask = 755
force create mode = 0755

I have two lines here, the "force create mode = 0755" is sggested by my linux book, Red Hat Linux 6 Server, by Mohammed J. Kabir, it doesnt seem to work either.

Godot: could you descrive any other steps you took to get that configuration to work?

that's all i did, did you restart smbd and nmbd after editing smb.conf?

Yup, I "smbd stop, nmbd stop," then "smbd start, nmbd start" and tried transferring again from my windows machine to my home directory, which I set as /. I checked file permissions, and the file I transferred had a 744 permission.