Issue #14 December 2005

Ask Shadowman

Shadowman envies his friends in the southern half of the world this time of the year. While Shadowman figures out which fleece goes best with his funky red lid, the Aussies and Brazilians are reminding him that they've got, oh, about a million kilometers of sunny December beachfront to enjoy between them. Ipanema, Copacabana, Bondi. Ah, yes.

But anyway. Winter shall also serve its purpose, and the short, cold, dark days help to focus Shadowman's thoughts on more pressing matters. Like the Creative Commons annual drive for cash! They do great work, they have cool stuff, and they really need your support. Shadowman's got his wallet open; now it's your turn. It's the high holy days, and everybody's in a giving mood, so hey: how about givin' a lil' somethin' somethin' to freedom.

Got a question that you'd like Shadowman to answer? Ask him.

Vishal asked:

Dear Sir, I am a little bit confused from the umask command. Please tell me how to calculate actual value of permissions of the file.

To which Shadowman replies:

"Sir!" That's right! Usually Shadowman only hears "sir" when he's sitting down for a gourmet meal. So we're getting off on the right foot, aren't we? Readers, do you feel the respect and the love? Vishal's momma and daddy clearly raised him right. Take a lesson.

Now. To understand umask, you need to understand how file permissions work in UNIX and Linux. Go to your machine and run "ls -l" -- that means "list files, long format". At the beginning of each file, you'll see a whole string of rs, ws, xs, and dashes. Those indicate the permissions of the file.

For example: Shadowman might have a file that looks something like this:

  drwxr-x---   1 s-man   staff      3853 14 Dec 23:32 letters

Note the jumble of letters on the left. The first letter indicates the type of the file -- a directory in this case. The last nine letters indicate the file's permissions -- three different permissions for three different types of user.

The first three letters define the owner's permissions. The owner in this case is s-man, and s-man's permissions to this file are "rwx," or read, write, and execute. Basically, s-man can do anything to this file.

The second three letters define the group's permissions. Since the file is owned by the "staff" group, any user in that group has the same group permissions. In this case, the permissions are "r-x", so "staff" users can read or execute this file.

The last three letters define the permissions for everyone else. Since the permissions are all dashes, that means that no one else has any access to this directory at all.

The important thing to understand is that these permissions can also be represented in a three-digit octal number. r=4, w=2, and x=1; add them up and string them together. The file permission for the directory above, then, would be 750 (4+2+1, 4+0+1, 0+0+0).

The perceptive reader may ask, "when a new file is created, what are its permissions?" Well, that is exactly what umask does. A new file has the default permission of "all access for everybody minus the umask value".

The default umask value is "022" pretty much everywhere in the civilized world. Therefore, new directories, which would ordinarily be created as 777 (4+2+1, 4+2+1, 4+2+1) would instead be 755 (4+2+1, 4+2+1 minus 2, 4+2+1 minus 2). Similarly, plain old new files, which would ordinarily be created as 666, would instead be created as 644.

So the default umask basically takes away the ability of other people to write to new files you've created, but still allows them to read those files. Any user can set a new default umask for their own files; 066 is a popular umask for the deeply paranoid, for instance, and 000 is a good umask for free love hippies and libertarians.


Garfield asks:

Where can I find all directives for the fstab file?

To which Shadowman replies:

Presuming that you already have a basic understanding of what fstab is for -- i.e. a configuration file that describes all of the partitions and storage devices on your system -- Shadowman would point you to the good folks over at tuxfiles, who have written a nice little article called "How to edit and understand fstab."

Shadowman sincerely hopes you're not asking because you've been poking around your fstab file randomly, and suddenly you've discovered a growing rift between you and your hard drive. That would be tragic.


Dani said:

I love redhat

To which Shadowman replies:

Thanks, Dani! redhat loves you back. Except for that guy in facilities. He's not really the lovey-dovey kind. But the rest of us totally dig you.


Sergio asks:

How do I build a custom DVD with Fedora Core 4 updated? I need it to install on off-line computers. Something like this but a little easier.

To which Shadowman replies:

As it happens, that document is still a pretty good overview. The basic idea: 1. Get all the packages into an install tree; 2. Generate the header list for the new set of packages; 3. build your new install images. The rest is just details -- some of which will likely be infuriating.

When you run into trouble, you might want the support of the developers of the anaconda installer. Maybe you could hang out with them on their mailing list. You might also want to get in touch with any of the 63 projects that have successfully built their own customized distribution based on Fedora.

And hey, if you end up finding some bugs in that original article, maybe you could even write your own, and put it up on the Fedora Project wiki for others to share and enjoy.

Happy hacking, Sergio.