How do I tell sudo to write files with a umask of 0022?
Solution 1
I ended up adding the following to my .bashrc
configuration script:
# Mimic old behavior of `sudo` on OS X Snow Leopard
sudo() {
old=$(umask)
umask 0022
command sudo "$@"
umask $old
}
Solution 2
Mac OS X 10.7 (Lion) finally has a version of sudo that supports umask_override. For the record, this works for me:
Defaults umask_override
Defaults umask=0022
Solution 3
how about:
sudo22() {
local UMASK=`umask`;
umask 22;
sudo "$@";
umask $UMASK
}
Solution 4
With your .bashrc
if [[ $EUID -eq 0 ]]; then
umask 0022
else
umask 0077
fi
Solution 5
For the record: the current version of sudo as a new option 'umask_override', which should prevent the umask's from being merged, so you should be able to lower the umask, too. Sadly, Mac OS X 10.6.6 does not seem to sport this version of sudo ...
Related videos on Youtube
mipadi
Just some guy, y'know? I write code for Industrial Light & Magic. I'm writing a book on Objective-C. Or rather, I was. Thanks to Apple, I'm now writing a book on Swift. You can check it out here. Oh, I also wrote a URL shortener for Stack Overflow profiles. Feel free to use it if you want!
Updated on September 17, 2022Comments
-
mipadi over 1 year
I recently upgrading to Snow Leopard. I have noticed that some files written by MacPorts are installed with the wrong permission -- they are written with a umask of 0077. I think I have narrowed down the problem:
- The
port
command is invoked viasudo
. - My
.bashrc
file specifies a umask of 0077. - On older versions of OS X (10.5 and below), sudo used the umask of the root user (which was 0022); however, now it uses my umask of 0077.
Is there anyway to have
sudo
use the old behavior? Right now, it's kind of annoying because I have to usesudo
to run simple commands likeport installed
,port outdated
, etc.(The problem is described in more detail in this MacPorts ticket.)
Edit
I discovered the
umask
option for sudo, and in/etc/sudoers
I added the following line:Defaults umask=0022
However, this did not function as desired, because the real umask used by
sudo
is the union of the user mask with this default mask. In order to override the behaviour ofsudo
's umask and use the default directly (i.e., not the union of the user and default sudo mask), one can add the following:Defaults umask_override
- The
-
mipadi over 14 yearsGood idea! Unfortunately, a little investigation shows that Snow Leopard's
sudo
doesn't actually (re-)source.bashrc
, but inherits the current setting from the user that invoked sudo. -
Darren Hall over 14 yearsYou'll have to use the function workaround as listed in the other answer then.
-
Michael over 10 yearsCan you make this work on a per command basis? I would like to umask 0022 normally, but then invoke umask 0006 in a single circumstance, but the above ignores that.