How to set umask for a folder and it's subfolder?

Question

I'm working on the same directory with some friends and they access it via SSH.

I added us in the same group and defined a sticky bit to keep the user:group values the same.

But when a user create a file/folder, the Write attribute is not defined for the group, disabling other to write it/on it.

How can I define the Umask to add the Write value for groups in the specific directory and it's subfolders ?

I tried to find some help before, but I only saw helps for Fedora/CentOs, and I'm using Debian Squeeze.

Thanks for your help

score 6 · Accepted Answer · answered Jun 27 '13 at 15:12

I assume that you did already:

chmod g+rwxs directory

and now you have to make sure that the users have a umask like 002. To setup the umask for all the users, try in /etc/bashrc or /etc/profile.

caveat: you cannot setup a umask per directory as it's a process level thing.

Interesting read http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html

score 5 · Answer 2 · edited Nov 06 '23 at 22:23

Here's a comprehensive example using setfacl which gives you that granular control you requested on a per-directory basis where new files will be created with the write attribute for the group:

Create the group that will own the shared folder:
```
sudo addgroup projects
```
Create the folder "project1" we want to share in an appropriate FHS path such as /srv:
```
sudo mkdir /srv/project1
```
Change ownership of the shared folder "project1" to group "projects":
```
sudo chown root:projects /srv/project1
```
Set the mode on the folder to be be writable to group members, but only allow the owner to delete their own files:
```
sudo chmod -R 1775 /srv/project1
```

Add your users to the group "projects":

sudo usermod -a -G projects user1
sudo usermod -a -G projects user2

Users must log-out and log back in to recognize the new group memberships
Finally, apply setfacl so all new files are created writable by group members:
```
sudo setfacl -d -m group:projects:rwx /srv/project1
```

Users can now edit each other's files. In terms of managing group documents, a versioning system such as Git is going to be a better solution

score 0 · Answer 3 · answered Jun 27 '13 at 15:14

The umask is an attribute of a user's environment (more specifically, a process) rather than a directory. So each of the users sharing that directory should add the following umask command to their ~/.profile:

umask 002

This will make files they create group-writeable by default.

How to set umask for a folder and it's subfolder?

3 Answers3

Linked