I've got bizzare issue. There's a dir created by me with permissions 755. I'm working with a piece of software. After I'm done I save the output of my work to the same folder. Files get saved with permissions 644 (?). With different program I'm creating other files, and they are saved with permissions 700.
Can someone explain what controls that, and how it can be fixed?
Thanks
A folder has a default umask of 022, so that every file saved has 644 permissions. 022 is the default umask for root. the default for other users is usually 02 (664). The other application is probably running under another user so it has other prmissions for files created by it. To 'fix' (not really a fix as this is the expected behavior), you can change the mode using chmod.
The permissions set on files is controlled by the user writing that file, not by any sort of inheritance.
When an application writes files, it must do so as a user (usually a dedicated user, such as "www" or similar). Users have set defaults for what we call "umask" in /etc/profile and possibly within /etc/profile.d/. Within those files are global settings for all users.
These can be overridden per-user by placing a file named .profile within that user's home directory with the following line (adjusted to taste depending on your requirements):
umask 022
Where setting default permission modes per-user isn't practical, you can accomplish permissions mode inheritance with the use of ACLs. A "default acl" applied to a directory will define a default permission set for every file or folder created within that directory with a default ACL set.
For example, you could can display ACLs on a directory like so:
getfacl <directory>
And if you want to change the default ACL to implement user-independent permission inheritance, you can change the default ACL. In this command, the "-m" switch is to enable modifications, and the "d:" entry specified that the following ACL should be the inheritable "default":
setfacl -m d:o:rx /share
In the above case, one would be setting the /share directory to allow "others" to read and execute everything that is created within that directory. Existing files are not affected by this rule, and would need to be updated if necessary.
More information on working with ACLs can be found here.
