Setting umask for sshfs mount
If I mount the sshfs server with no umask, i get -rw-rw-r-- on new created files. If I try and open a php file on the server on my browser, i get this error:
Incorrect file/directory permissions: Above 755.
In order files to be processed by the webserver, their permissions have to be equal or below 755.
So I tried with umask=0022: the new created files have -rwxr-xr-x. These permissions are fine, as the error above does not appear anymore. However, I can't understand why the new files are set as executables...
Could you please explain? Many thanks...
Answer
From sshfs manual:
-o umask=M
set file permissions (octal)
Note the manual mentions the option name is umask. So it is not the same values you would use in chmod, where 7 means rwx (binary 111). Instead, umask is a mask, as the name says.
For fuse, this mask is used as an inversion of the desired permission.
Then, from http://wiki.gilug.org/index.php/How_to_mount_SFTP_accesses#General_working_of_umask, we get the following:
[umask i]s a template-mask. Is as a chmod inverse, because is used for shading the permissions to be set when creating files and directories. As higher is the octal value, more restrictive (at binary level a bit 1 shades an attribute and a bit 0 allows it).
0 allows rwX
1 allows rw-
2 allows r-X
3 allows r--
4 allows -wX
5 allows -w-
6 allows --X
7 allows ---
So, if you supply 0022, the permission will go as follows:
- AND with
0777(see umask man page) to consider only "user", "group" and "others" permissions (i.e. discard first part of the mask).
000 000 010 010 -> 0022
AND
000 111 111 111 -> 0777
=
000 000 010 010 -> 0022
- Invert the three permissions.
000 010 010 -> 022
becomes
111 101 101 -> 755
If you don't want the files to be executable, but want them to be readable and writable (chmod 666), you should set umask to:
110 110 110 = 666 <- chmod value
001 001 001 = 111 <- umask value