Why doesn't umask set the execute bit?

Question

I'm new to Linux. I have been practicing a few commands. My question is about when I'm creating different files using a different umask. For example:

umask 222, as I understand it, is the same as 777 - 222 = 555, so when I create a new file (call it "newfile"), then newfile's permissions should be r-xr-x-r-x (or am I wrong?)

Whatever: "newfile" was created with r--r--r-- permissions.

My umask value in /etc/profile is:

if [ $UID -gt 199 ] && [ "`id -gn`" = "`id -un`" ]; then
    umask 002
else
    umask 022
fi

My uid is 1002.

Note: Just for the record, I've already read all the umask questions and documentation from man and I can't understand it yet.

Answer 1

Most programs create files without the execute bits set (0666 == -rw-rw-rw-). Execute bits are pretty much only set by the compiler, during installation of an executable, or manually by the user.

Then the umask is applied, to determine the actual permissions.

create    0666 rw-rw-rw-
umask     0222 r-xr-xr-x
effective 0444 r--r--r--

Note that it's not actually a subtraction, but a bitwise AND of the complement.

So it takes 0777 - 0222 = 0555, and does

  OCTAL  BINARY       HUMAN-READABLE
  0666   0110110110  -rw-rw-rw-
& 0555   0101101101  -r-xr-xr-x
  0444   0100100100  -r--r--r--

See also Can not explain ACL behavior

Answer 2

Wiki has a good description of umask. A 0 bit means whatever the creating process specifies goes through, while 1 means it doesn't.

So '222' means ignore the write premissions for user, group and others, but keep the read and execute bits.

In your example, whatever created newfile didn't set the execute bit (generally when you create a new file you don't make it executable), and that's why you are getting r--r--r-- rather than r-xr-xr-x.