override_umask.5 (2010 09)
o
override_umask(5) override_umask(5)
(Tunable Kernel Parameters)
NAME
override_umask - dynamically enable or disable overriding the umask settings while creating files in a
directory having default ACLs
VALUES
Failsafe
0 (off)
Default
0 (off) overriding umask settings is disabled
Allowed values
0 (off) or 1 (on)
DESCRIPTION
This tunable dynamically enables (
1) or disables (
0) overriding umask settings (file mode creation mask,
see umask (2)) while creating files through
open(), creat(), mkdir(), mknod(), and symlink()
system calls.
When the tunable is disabled, umask settings are applied to the file creation mode while creating files;
this is the legacy behavior (HP-UX 11i v3 and previous releases) where the default ACLs, if present for
the parent directory, cannot override umask values, see aclv (5). While creating files through the above
system calls, the file creation mode is applied with the file mode creation mask (umask) of the process
(see umask(2) and open (2) or creat (2)).
In secured environments where umask settings are restrictive (for example 077), files created without
overriding umask will have permission all set to zeros for group and others even when the parent direc-
tory has the default ACLs. Enabling this tunable allows the files to be created with file mode unaffected
by umask. The new file mode is obtained from the intersection of specified file mode along with the
default ACLs of the parent directory, as previous behavior. Disabling this tunable will preserve that old
behavior.
The following is a summary of what happens when the override_umask
tunable is enabled:
• When creating files through the above system calls, the file mode creation mask is not considered or
applied to the file creation mode while creating files in a directory that has default ACLs.
• If the parent directory does not contain default ACLs or if there is a problem reading the default
ACLs, the file creation mode will be determined by the process file creation mask.
• This new behavior is applicable for files created by user space applications only. Files created inside
the kernel by various kernel subsystems (such as process core file) will not override the umask set-
tings.
• This new behavior is supported by those file systems which supports SYSV ACLs.
Who Is Expected to Change This Tunable?
System administrators who wish to change the default file creation behavior.
Restrictions on Changing
Changes to this tunable take effect immediately.
When Should the Tunable Be Turned Off?
If an application depends on the legacy file creation behavior, where the process creating files in a
secured environments expects the umask to be applied as it is, the
override_umask tunable should be
turned off to get the legacy file creation behavior.
What Are the Side Effects of Turning the Tunable Off?
None.
When Should the Tunable Be Turned On?
If an application wants to ignore process umask settings for file creation in a secured environment and
expects files to be created with the default ACLs of the parent, this tunable should be enabled.
What Are the Side Effects of Turning the Tunable On?
Files restored from an archive or backup inside a directory having default ACLs may have the file mode
and permissions different from the one in the backup. This is because of ACL inheritance and the
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1