An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#9134 - 04/01/10 11:49 AM Anyway to get read/write for everyone as default?
kevs Offline


Registered: 12/07/09
On my new excel files, the "everyone" defaults to read only.
So everytime someone want to work on it over my network I have to make it read/write.
Anyway to change that default? thanks!

Top
#9139 - 04/01/10 07:02 PM Re: Anyway to get read/write for everyone as defau [Re: kevs]
ganbustein Offline


Registered: 08/04/09
You need to change the default umask. You can do that with either of the following commands:

launchctl umask 000
launchctl umask 002


The change won't take effect until the user logs out and back in again.

The first of these does what you asked for, but the second achieves your goal more safely. A umask of 0 means that by default all new files are read/write to everyone; a umask of 2 means that by default all new files are read/write to everyone in the group.

If you use the latter, you retain some control. Change the group of shared folders to set the group assigned to new files in that folder, then put your network users into corresponding groups according to which shared folders contain the files you want them to have write access to.

Be aware that the umask applies to ALL new files and folders, not just to Excel spreadsheets. You may be opening things up more than you realize.

Some installers may misbehave if the umask isn't the 022 that they expect.

Top
#9140 - 04/01/10 07:36 PM Re: Anyway to get read/write for everyone as defau [Re: ganbustein]
kevs Offline


Registered: 12/07/09
Gan,
This is a closed loop. only me who owns and works this computer.
So the default is correct that my new files are read only on the network?

I'ts highly annoying becuase I tell an assistant to work on a file (via their laptop and the router...) and I always have to go back to my computer to make the file read/write.

But again. I don't want new side issues as you mentioned about installers etc.

Top
#9149 - 04/02/10 10:25 AM Re: Anyway to get read/write for everyone as defau [Re: kevs]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
that appears to change the umask that finder uses. how do you change the umask that terminal uses?
_________________________
I work for the Department of Redundancy Department

Top
#9152 - 04/02/10 10:50 AM Re: Anyway to get read/write for everyone as defau [Re: Virtual1]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
just issue...
umask 0022
...or whatever setting you prefer.

[type help umask for a short blurb about it.]

-edit-

Hey cool: i never knew we could talk to it symbolically...

$ umask u=rwx,go=
$ umask
0077
$ umask g=rx
$ umask
0027
$ umask go=rx
$ umask
0022



Edited by Hal Itosis (04/02/10 11:07 AM)
Edit Reason: further reduction

Top
#9153 - 04/02/10 11:07 AM Re: Anyway to get read/write for everyone as defau [Re: Hal Itosis]
kevs Offline


Registered: 12/07/09
You guys have lost me, let me try again:

So the default is correct that my new files are read only on the network?

Top
#9154 - 04/02/10 11:26 AM Re: Anyway to get read/write for everyone as defau [Re: kevs]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
That sounds like a logical default to me.

What sort of additional access have you specifically set up in the System Preferences -> Sharing panel?

[File Sharing // Shared Folders: // Users: // Read & Write // etc.]

You might need to set all items in the shared folder to be in the staff group in Finder... and/or perhaps modify the ACLs (using Terminal), but that would come last (if needed at all).

[as usual, your description of all that has been done so far is quite minimal... so i thought i'd wait (as the info slowly trickled out), before engaging in deep thought.  plus... you were in good hands with ganbustein there.]

--

Speaking of the devil and ACLs... i think i can "share" this link: Basic "shared folder" quiestion [sic]


Edited by Hal Itosis (04/02/10 11:42 AM)
Edit Reason: more better english

Top
#9159 - 04/02/10 02:02 PM Re: Anyway to get read/write for everyone as defau [Re: Hal Itosis]
kevs Offline


Registered: 12/07/09
Hal,
thanks for bringing me back to system prefs. But I don't anything there about permissions.

Top
#9160 - 04/02/10 03:28 PM Re: Anyway to get read/write for everyone as defau [Re: Hal Itosis]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
umask appears to reset to default (022) when you logout and login again. (in terminal) so it behaves more like a shell variable than anything else

not particularly useful unless you set it in your .profile, and I wouldn't expect it to work in other processes or in Finder?

i.e. if you open a terminal window and change the umask, it sticks. but if you then leave that window open even, and make a new terminal window and check umask, it's back at default

There's a daemon app that I'd love to set the umask to 002 instead of 022 because although I can assign the group to the files it makes, I cannot define the mask, so all the files it makes are read-only to the group it's a part of, and I have to update them all the time.

I tried using "sudo -u daemonusername umask 002"
but it acted as though I had not done it when I tried
"sudo daemonusername umask", it was back at 022. it was then that I tried logins with terminal and found that the umask did not affect new login sessions.
_________________________
I work for the Department of Redundancy Department

Top
#9171 - 04/02/10 11:38 PM Re: Anyway to get read/write for everyone as defau [Re: Virtual1]
Hal Itosis Offline


Registered: 09/03/09
Loc: 10.6.8 (build 10K549)
Originally Posted By: Virtual1
umask appears to reset to default (022) when you logout and login again. (in terminal) so it behaves more like a shell variable than anything else

not particularly useful unless you set it in your .profile, and I wouldn't expect it to work in other processes or in Finder?

i.e. if you open a terminal window and change the umask, it sticks. but if you then leave that window open even, and make a new terminal window and check umask, it's back at default

Zero surprises there. [would you expect it to work any different?]
As you noticed... if it needs to "stick" then put it in a startup file.


Originally Posted By: Virtual1
There's a daemon app that I'd love to set the umask to 002 instead of 022 because although I can assign the group to the files it makes, I cannot define the mask, so all the files it makes are read-only to the group it's a part of, and I have to update them all the time.

A daemon app? What's its name? Doesn't launchd manage it?
The umask can be set in its launchd.plist (see man launchd.plist)


Originally Posted By: Virtual1
I tried using "sudo -u daemonusername umask 002"
but it acted as though I had not done it when I tried
"sudo daemonusername umask", it was back at 022.

If you wish to run it from a command line (as opposed to tweaking the launchd.plist as just recommended), those commands don't look like they'd work.

This one maybe:
( umask 002 && daemonusername )

The parens put those items in a subshell, so the umask change doesn't affect the current terminal.


EDIT:
Originally Posted By: Virtual1
and I wouldn't expect it to work in other processes or in Finder?

Well... the question you initially asked was specific to terminal:
Quote:
that appears to change the umask that finder uses. how do you change the umask that terminal uses?

And now It seems you're looking for a global tweak???

I vaguely recall we can tinker with "NSUmask" in these files:
~/.MacOSX/environment.plist
~/Library/Preferences/.GlobalPreferences.plist
[and iirc they use decimal (not octal) values]

Google should turn up something... e.g.,
umask GlobalPreferences
or
umask environment.plist

EDIT:
Maybe those are obsolete in Leopard... How to set NSUmask in Leopard
Looks like we tweak umask in a file we create: /etc/launchd.conf


Edited by Hal Itosis (04/03/10 12:18 AM)

Top
#9174 - 04/03/10 01:40 AM Re: Anyway to get read/write for everyone as defau [Re: kevs]
ganbustein Offline


Registered: 08/04/09
Originally Posted By: kevs
Gan,
This is a closed loop. only me who owns and works this computer.
So the default is correct that my new files are read only on the network?

I'ts highly annoying becuase I tell an assistant to work on a file (via their laptop and the router...) and I always have to go back to my computer to make the file read/write.


You're contradicting yourself. First you say it's only you, and then you say that it's also your assistant.

The default is that only the creator of a file can write to it. Unix strives for flexibility, though, so they achieve that default in a way that doesn't carve it into stone: applications actually try to create files with 666 permissions (read/write but not execute for everyone) and directories with 777 permissions (read/write/execute for everyone), but there is a quantity called the 'umask' which gets logically subtracted from that. The default umask is 022, which subtracts 'write' from the group and from others, leaving only the owner with write access.

But you can change the umask. Setting the umask to 000 lets files/directories get created with their full 666/777 permissions. Or you could set the umask to 002, which subtracts write access from others while leaving it in place for the group. I'd recommend 002 as safer than 000.

So, how does the default 022 umask get set, and how do you change the default?

Well, one way or another everything running on a Mac gets launched by launchd (or exec-ed by something that was launched by launchd). Unless it explicitly changes its umask, every process keeps the value that launchd gave it (or that it inherited from the process that exec-ed it). You configure launchd using a command-line tool called launchctl. The command

launchctl umask 002

tells launchd to launch all new tasks with a umask of 002. To make that new value propogate to your GUI applications, you have to quit and restart them.

Once you've done that, all new files will be group writable, with 'the group' being whatever group the folder the file is being created in belongs to.

The only remaining step is to make sure your assistant is in that group. You can Get Info on the folders you'll be creating files in to see what group(s) your assistant needs to be in, and add the assistant to those groups in System Preferences->Accounts (or change the group of those folders to some group the assistant is in).

Top
#9175 - 04/03/10 02:07 AM Re: Anyway to get read/write for everyone as defau [Re: Virtual1]
ganbustein Offline


Registered: 08/04/09
Originally Posted By: Virtual1
that appears to change the umask that finder uses. how do you change the umask that terminal uses?

Setting umask using launchctl affects all new GUI applications, including Terminal.app.

You can make Terminal override the umask it inherits by setting a new value in one of the shell startup scripts. Indeed, you may already be doing that.

The launchctl setting does not seem to affect ssh sessions, probably because sshd runs as root and inherits the umask that would be set by

sudo launchctl umask mask

(I'm guessing. I haven't tested that.)

Top
#9266 - 04/06/10 10:54 AM Re: Anyway to get read/write for everyone as defau [Re: ganbustein]
kevs Offline


Registered: 12/07/09
Guys,
I'm moving this to a new thread, as a new more urgent issue has developed:

http://www.finetunedmac.com/forums/ubbthreads.php?ubb=showflat&Number=9265&#Post9265

Top
#10800 - 06/30/10 08:22 AM Re: Anyway to get read/write for everyone as defau [Re: kevs]
kevs Offline


Registered: 12/07/09
k, guys, back from vacation.
the intern, can save many files, but not the two we are working on!
What is it with these two files? says access denied when she does a save.

I took these two files, and did save as, made them new files. made sure read/write for both. out of ideas

Top

Moderator:  alternaut, dkmarsh, joemikeb