The chmod Command

The chmod command seems simple to use, however, has a lot behind it. Learn everything you need to know about the chmod command.

Updated: 14 Dec, 21 by Antoniy Yushkevych 10 Min

List of content you will read in this article:

When you are using Linux, you must know that the file access is managed by certain attributes, file permissions, and the respective ownership. This way the authenticity of the users is guaranteed. Only the authorized users can access directories and several files. The entire Linux world runs through accessing files and directories. We are here to tell you how to use the chmod command to change such permissions. Before we analyze the primary topic, let us introduce you to the concept of the Linux permissions model.

 

Several files are associated with their respective owners. Also, there are a variety of users, read on:

  • Owner of the file
  • Group members
  • Rest of the users 

 

Moving on, here are several permissions types that you must know:

  • Read permission 
  • Write permission 
  • Execute permission

 

Well, with this you have the freedom to authorize users according to your needs. More precisely, you can be specific as to who reads, writes, or executes the files. Now, in order to check the file permissions, use the following ls command.

ls -l filename.txt

-rw-r--r-- 12 linuxize users 12.0K Mar 06 19:50 filename.txt

|[-][-][-]-   [------] [---]

| |  |  | |      |       |

| |  |  | |      |       +-----------> 7. Group

| |  |  | |      +-------------------> 6. Owner

| |  |  | +--------------------------> 5. Alternate Access Method

| |  |  +----------------------------> 4. Others Permissions

| |  +-------------------------------> 3. Group Permissions

| +----------------------------------> 2. Owner Permissions

+------------------------------------> 1. File Type

 

Now, what is all this, you may think? Fret not, here is a simple explanation!

The first character in the example above is a file type.

(-) symbolizes a regular file,

(d) symbolizes a directory,

(l) symbolizes a symbolic link.

 

Moving on, as you can see, next there are 9 characters that show the file permissions. Three triplets subsequently. The first triplet showcases the owner's permissions. The second triplet depicts the group permissions and the third triplet tells the rest of the permissions. 

Here, (rw-r—r—) tells that the owner contains the permission to read as well as write (rw-). (r—) shows that the group has only read permissions. 

We hope you are clear about the concept now.

 

Next up is: How do the permissions affect several files? Let's see.

Read  ‘-‘ 

This symbol means that the file is not readable.

Read ‘r’

This symbol tells that your file is readable.

Write ‘-‘

This symbol tells you that the file can not be amended.

Write ‘w’

This symbol showcases that the file can be amended.

Execute ‘-‘

This symbol says that the file can not be executed.

Execute ‘x’

This symbol depicts that the file can be executed.

‘s’

This symbol helps to set the ‘setuid’ bit in the user triplet and it sets the ‘setgid’ bit in the group triplet.

Now, if the ‘setgid’ flag is set the new files can be created. 

‘X’ flag is set too.

‘S’

Here the ‘x’ flag is not set. 

‘t’

It depicts that the ‘x’ flag is set. Additionally, the file owner, administrative user or directory’s owner are able to rename or even delete the files when the sticky bit is set on a particular directory.

‘T’

Here, the ‘x’ flag isn’t set.

 

Now, you should have an understanding of the permission syntax.

 

Who: For whom are you setting the permissions?

What: What are the amendments you want to make?

Which: Which permissions you are setting?

Who

There are some specific symbols used. Have a look.

u+x

Here, u stands for user and x stands for, executing the permission.

  • u: user - owner of a file
  • a: all - every user
  • g: group - members of the group 
  • o: others - members other than u and g

 

What

  • : removes the permission
  • : adds the permission

     =   : sets a permission 

 

Which

  • r: stands for reading the permission 
  • w: stands for writing the permission 
  • x: stands for executing permission 



Now, let us begin our primary topic and discuss various chmod commands.

 

Firstly, the syntax goes like this:

chmod [OPTIONS] MODE FILE

By executing this command, you are able to amend certain permissions of a file. You can also accept one or more files simply by using a space between them.

Next up is the syntax for the chmod command while using the chmod command:

chmod [OPTIONS] [ugoa…][-+=]perms…[,…] FILE…

[ugoa] simply means:

u - File owner

g - Members of the group

o - Other users

a - All the users 

 

Now, another set of flag is known as the operation flag, tells us the following:

  • - Removal of mentioned permissions 
  • + Addition of mentioned permissions 
  • = Amending the present permissions 

 

Further, understand and analyze the following commands:

  • Permission to only read a file, not to write or execute

            chmod g=r filename

  • To remove execute permission 

            chmod a-x filename

  • To not grant access to write permission for other users

           chmod -R o-w dirname

  • If you want to add the file owner’s permission to the members' permission

           chmod g+u filename

  • To remove read, write, execute permissions for the users but not the file owner

           chmod og-rwx filename 

Or

           chmod og= filename

  • To give permissions to read, write, and execute to the file owner, with no permissions to all the other users and read permission to the file group

           chmod u=Rex, g=r, o= filename

  • To add a sticky bit to a directory 

           chmod o+t dirname

  • To add the permission of the owner of the file to the member of the file’s group

           chmod g+u filename

 

Now, as we move on, here is the syntax of the chmod command to use in numeric method.

Here is a general syntax:

chmod [OPTIONS] NUMBER FILE

When you use this command, you again have the liberty to set permissions according to your needs. You can set them for anyone you want to, at the same time. Be it the owner, group, or all the users.

You can see NUMBER in the syntax, what does it mean?

It can be any digit. For instance, if you use a 3 digit number, the first one depicts the permission of a file owner. The second digit tells the permissions of the group. Lastly, the third one shows the permissions of all other users.

Now, you must know that the read, write, and execute permissions hold the below given values:

  • r (read) = 4
  • w (write) = 2
  • x (execute) = 1
  • no permissions = 0

 

If you are willing to find out permissions of the file in numeric mode, you just have to calculate the total of all the user classes.

For a better understanding, here is an explanation:

  • Owner: rwx = 4+2+1 = 7
  • Group: r-x = 4+0+1 = 6
  • Others: r-x = 4+0+0 = 4

 

As you can see, the number in front of you turns out to be 754. This is the numerical representation of the permissions you have set.

In the same way, if you want to use a 4 digit number, this is what it means:

  • setuid = 4
  • setgid = 2
  • sticky = 1
  • no changes = 0

 

Note to remember: If there is a 0 in front of a number, for instance, 0876, the number is read as 876. Both the numbers stand equal. 

Now, if you are looking forward to checking the file’s permission, use the follwing command,

stat -c “%a” filename

Output

644

 

We are presenting a list of some chmod commands in the above explained numeric mode.

  • To give the read and write permissions to the file owner. Additionally, only read permission to the group members and all the other users:

          chmod 644 dirname

  • To give read and write permissions to group members. And read, write, as well as execute permissions to the file owner. 

          chmod 750 dirname

  • To set read, write, and execute permissions recursively to the file owner. Along with that, no permission to other users:

          chmod -R 700 dirname

  • To give write, read, and execute permissions as well as sticky bit to a directory:

           chmod 1777 dirname

Now, 

How to use a reference line with chmod command?

chmod --reference=REF_FILE FILE

Here, --reference=REF_FILE helps you to set some of the file’s permissions to be a carbon copy of the mentioned reference file.

chmod --reference=fileA fileB

Here, you will be able to transfer the permissions from fileA to fileB.

 

Next up is, 

How to recursively change the permissions of a file?

If you want to access the files or directories recursively in a specific directory, follow this command:

chmod -R MODE DIRECTORY 

For a better understanding, have a look here:

chmod -R 755 /var/www

You can change the permissions of the files under the mentioned directory. Further, it will be applicable to 755.

 

Now, if you want to operate on symbolic links, use the following commands.

Note to remember: The number of permissions that symbolic links have is 777.

chmod 755 symlink

When you change the symlink permissions, chmod automatically changes the permissions of the mentioned file. If you want to recursively change multiple file permissions, here is the method you can follow:

 

Say, that you want to switch the permissions of the directory to 755 and file permission to 644.

For the Symbolic method, follow this:

find /var/www/my_website -type d -exec chmod u=rwx,go=rx {} \;

find /var/www/my_website -type f -exec chmod u=rw,go=r {} \;

For the Numeric method, follow this:

find /var/www/my_website -type d -exec chmod 755 {} \;

find /var/www/my_website -type f -exec chmod 644 {} \;

The find command helps you to search all the directories and files under the mentioned var/www/my_website.

 

The chmod command helps to change Some specific permissions. As you noticed that the permissions are set either by using the numeric or the symbolic method.  We hope that the information provided in this article added value to your knowledge and widened the horizons of your Linux usage.

Antoniy Yushkevych

Antoniy Yushkevych

Master of word when it comes to technology, internet and privacy. I'm also your usual guy that always aims for the best result and takes a skateboard to work. If you need me, you will find me at the office's Counter-Strike championships on Fridays or at a.yushkevych@monovm.com