Leopard umask

This is one of those I-keep-forgetting-how-to-do-this posts, so I'm writing it down. It's certainly been posted elsewhere, but I'm tired of going looking every time I need it. So here it is. In Tiger a simple defaults command could be used to modify a user's umask (a setting that controls the default permissions for newly created files and folders). Leopard, however, changes the way this is done. Leopard instead uses a launchd configuration file. To create a custom umask for all users of a system (i.e. all user-level processes):

  1. Create a file called launchd-user.conf.
  2. Place the file in /etc/
  3. Enter the property, then the umask setting in the file, like so: umask 002
  4. Restart the machine.

The restart may not be necessary, but if I recall it was the only way I could get it to work. If you don't want to reboot, you'll at least need to restart launchd and any application or process you want to use the new setting. Rebooting, though, is a nice catch-all.

Some additional info: if you want virtually all applications (i.e. system-level processes) to use a custom umask, you can leave the "user" off the file name. Using /etc/launchd.conf will have said affect, but it is not recommended by Apple (or me for that matter).

Setting a custom umask in general isn't something I recommend either, but it's damn handy in certain file sharing environments in which multiple users need access to the same stuff, but where ACLs — the preferred method for setting up complex file sharing permission sets — aren't an option. Creating a common group for the users and setting up their umask to create files and folders that are group-writable is an acceptable workaround in many scenarios. Which, by the way, is what the above setting will do. A umask of 002 will create files with permissions of 775 (the opposite of 002 — it's a mask, silly).

Okay then. Happy umasking!