Linux Umask Calculator
Calculate Linux umask values and preview the resulting default permissions for new files and directories. Supports octal input, presets, and symbolic output.
Input
Output
Readme
What is umask?
umask (user file-creation mode mask) is a Linux and Unix setting that controls the default permissions assigned to newly created files and directories. Instead of setting permissions directly, the umask defines which permission bits should be removed from the system defaults when a new file or directory is made.
The system starts with a base permission of 666 (read and write for everyone) for files and 777 (read, write, and execute for everyone) for directories. The umask is then subtracted bitwise from these defaults using a logical AND-NOT operation, producing the final permissions. For example, with a umask of 022, new files end up with 644 and new directories with 755.
Each umask digit corresponds to a permission class: the first digit affects the owner, the second the group, and the third others. A digit of 0 means no permissions are masked out, while 7 removes all permissions for that class.
Tool description
The Linux umask Calculator converts a umask value and a base permission into the resulting effective permissions in both octal and symbolic notation. It also generates the exact umask shell command, helping system administrators, developers, and DevOps engineers preview the outcome of any umask before applying it to a shell, script, or system configuration.
Examples
| Umask | Base | Resulting Octal | Symbolic |
|---|---|---|---|
| 022 | 666 | 644 | rw-r--r-- |
| 022 | 777 | 755 | rwxr-xr-x |
| 077 | 666 | 600 | rw------- |
| 027 | 777 | 750 | rwxr-x--- |
| 002 | 666 | 664 | rw-rw-r-- |
Features
- Calculates resulting octal and symbolic permissions from any umask
- Supports both 3-digit and 4-digit (with leading sticky/setuid bit) umask values
- Common umask presets (022, 027, 077, 002, 007, 000)
- Base permission presets for files (666) and directories (777)
- Generates the ready-to-use
umaskshell command
Use cases
- Server hardening: Preview a stricter umask like
077before adding it to/etc/profileor a user's shell configuration to ensure new files are private. - Shared development environments: Verify that
002or007produces group-writable files for collaborative project directories. - Deployment scripts: Confirm the umask used in CI/CD pipelines or container entrypoints will produce the expected file permissions for application logs and uploaded assets.
How it works
The final permission is calculated for each class (owner, group, others) using the formula:
final = base AND (NOT umask)Each octal digit is processed independently. For a umask digit of 2 (binary 010) and a base digit of 6 (binary 110), the result is 110 AND NOT 010 = 100, which equals 4 (read-only). The leading digit of a 4-digit umask controls special bits (setuid, setgid, sticky) and is ignored in the standard permission calculation.
Tips
- Use
666as the base to see permissions for new files, and777for new directories. - A umask of
000means no permissions are stripped — useful only in tightly controlled, isolated environments. - To make the umask permanent, add the generated command to
~/.bashrc,~/.profile, or/etc/profiledepending on the scope you want.