Set File Permissions With chmod In Linux

If you have ever needed to protect your files, or set a directory to read only in Linux, you have probably used chmod. If you didn’t, then you probably wished that you had heard of chmod. Chmod stands for change mode and allows the user to modify access permissions to specific files.

To display a file or directories current permissions you can use the ls command. For example:

$ ls -l
-rw-r--r--  1 erik erik       1014 2010-10-28 13:30 taps.sh

The first column of -rw-r–r– is actually showing you the current file permission for taps.sh . The output is actually broken into four parts.

-| rw- | r– | r– . The first column is used to identify:

• – denotes a regular file
• d denotes a directory
• b denotes a block special file
• c denotes a character special file
• l denotes a symbolic link
• p denotes a named pipe
• s denotes a domain socket

The second column outlines what the current users permissions are, the third column outlines what group members are allowed to do, and the forth column outlines what other users may do. The following table outlines in detail the column information. The chmod functions as:

$ chmod [Reference][Operator][Mode] file1 file2 etc.

The chmod command will use the following operations to modify the user, group, and other fields. For example:

The modes indicate which permissions are to be set for read, write, execute. For example:

Here are some examples using the symbolic notation of changing the file permissions.

Add Read and Write Permissions to User and Group classes

For example:

$ ls -l taps.sh
-rw-r--r-- 1 erik erik 1014 2010-10-28 13:30 taps.sh
$ chmod ug+rw taps.sh
$ ls -l taps.sh
-rw-rw-r-- 1 erik erik 1014 2010-10-28 13:30 taps.sh

Notice in this example, only the group class (third column) changed because I already had write permissions as the current user.

Add Read, Write, Execute to User and Group

Lets say we want taps.sh to have all permissions to those who are lucky enough to be in our group, or be us. To do so:

$ chmod +rwx taps.sh
$ ls -l taps.sh
-rwxrwxr-x 1 erik erik 1014 2010-10-28 13:30 taps.sh

Using the chmod +rwx command, we ‘add’ the read, write, and execute option to our file.

Well that is all great, but for me I usually want to other make a file read only for myself, or executable for anyone. This can be done using numerics rather than using these symbolic notations mentioned above.

Numeric Example For Read-Only

The numeric’s group values together, for example:

I use chmod 644 filename quite often. This sets the permissions to read only for group and other, i.e. only the user may read or write to the file.

$ ls -l taps.sh
-rwxr-xr-x 1 erik erik 1014 2010-10-28 13:30 taps.sh
$ chmod 644 taps.sh 
$ ls -l taps.sh
-rw-r--r-- 1 erik erik 1014 2010-10-28 13:30 taps.sh

Numeric Example For Execute

Another favourite of mine is execute by anyone. This comes in the form of 755.

$ ls -l taps.sh
-rw-r--r-- 1 erik erik 1014 2010-10-28 13:30 taps.sh
$ chmod 755 taps.sh 
$ ls -l taps.sh
-rwxr-xr-x 1 erik erik 1014 2010-10-28 13:30 taps.sh

So the 755, referring to the table means. User = 7 = all, Group = 5 = read and execute, Other = 5 = read and execute, as shown in the ls output above. This way you can mix and match the numerics, if you want it open to everyone you can use 777.

Change Permissions Recursively With ‘chmod -R’

If you want to set the permissions for all files under a directory to the same setting, you can pass the -R command in front of the permission you would like to use.

$ chmod -R 777 /home/erik/

This will set every file under my home directory to ‘all’, i.e. read, write, execute by anyone.

Hopefully this makes sense to you. Rather than giving you a huge set of examples, I hope I have taught you how to fish!