Control who accesses files, searches directories, and executes scripts with the Linux command
chmod can. This command changes Linux file permissions, which look complicated at first glance, but are actually quite simple once you know how they work sets of permissions. There are three permission sets. One set for the owner of the file, another set for the fileset members, and one last set for everyone else.
The permissions control the actions that can be performed on the file or directory. They allow or prevent a file from being read, modified, or, if it is a script or program. For a directory, the permissions determine who can place
in the cd directory and who can create or modify files within the directory.
You can use the
chmod command to set these permissions. To see what permissions have been set on a file or directory, you can use
Viewing and Understanding File Permissions
You can use the format
-l (long format) option,
ls to list the file permissions for files and directories.
The first one in each line The character indicates the type of the listed entry. If it's a hyphen (
- ), it's a file. If it is the letter
d it is a directory.
The next nine characters represent the settings for the three permission sets.
- The first three characters specify the permissions for the user who owns the file ( user permissions ).
- The middle three characters show the permissions for members of the filegroup ( group permissions ).
- The last three characters show the permissions for Everyone who does not belong to the first two categories ( other permissions ).
Each permission set contains three characters. The characters are indicators of the presence or absence of one of the permissions. They are either a hyphen (
- ) or a letter. If the character is a hyphen, it means that no permission has been granted. If the character is a
w or a
x this permission was granted.
The letters represent:
- r : Reading rights. The file can be opened and its contents displayed.
- w : Write permissions. The file can be edited, changed and deleted.
- x : Execute permissions. If the file is a script or program, it can be executed.
---means that no permissions have been granted at all.
rwxindicates that full permissions have been granted. The reading, writing and execution indicators are all there.
In our screenshot, the first line starts with a
d . This line refers to a directory named "archive". The owner of the directory is "dave", and the name of the group to which the directory belongs is also called "dave".
The next three characters are the user permissions for this directory. These show that the owner has the full permissions. The characters
x are all present. This means that the user dave has read, write and execute permissions for this directory.
The second set of three characters are the group permissions, these are
r-x . These show that members of the Dave Group have read and execute permissions to this directory. That is, they can list the files and their contents in the directory and execute them in this directory
cd . You have no write permissions and therefore can not create, edit or delete files.
The last set of three characters is also
r-x . These permissions apply to people who are not subject to the first two permission sets. These persons (referred to as "others") have read and execute permissions for this directory.
In summary, group members and others have read and execute permissions. The owner, a user named dave, also has write permissions.
For all other files (except the mh.sh script file) dave and members of the dave group have Read and Write properties for the files others have read-only permissions.
For the special case of the mh.sh script file, the owner Dave and the group members have read, write, and execute permissions, and the others have read and execute permissions only.
Understanding Permission Syntax
chmod to set permissions, you must specify the following:
- Who: Who is set to have permissions?
- What : What are we changing? Are we adding or removing the permission?
- Which : Which of the permissions do we set?
We use indicators to represent these values and form short "permissions" such as
. u + x where "u" means "user" (who), "+" means "add" (what), and "x" means execute.
The "who" values we use may be use:
- u : User, ie the owner of the file.
- g : Group, ie members of the group to which the file belongs.
- o : Others, ie persons not subject to the
- a : All, ie all of the above.
If none of these values are used,
chmod behaves as if "
a " was used.
The "what" values we can use are:
- – : minus sign.Removes the permissions.
- + : plus sign.Gives permission.The authority is added to the existing permissions. If you want this permission and only this permission set, use the option described below
- = : Equals sign. Set a permission and remove others.
The following values can be used:
- r : The read permission.
- w : The write authorization.
- x : The execute permission.
Setting and changing permissions.
Let's say we have a file where everyone has full permissions.
ls -l new_file.txt  ls -l new_file.txt in a terminal window " width="646" height="97" src="/pagespeed_static/1.JiBnMqyl6S.gif" onload="pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);" onerror="this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);"/>
We want the user to have read and write permissions and the group and other users to have read permissions only , We can use the following command:chmod u = rw, og = r new_file.txt
operator "means that we delete all existing permissions and then set the specified ones.
Check the new permission for this file:ls -l new_file.txt
 The existing permissions have been removed and the new permissions have been set as expected.
How about adding permission without removing the existing permission settings? We can do that too.
Let's take we have a script file that we have finished editing, we have to make it executable for all users, the current permissions are as follows:ls -l new_script.sh
With the following command we can add the execute permission for all:  chmod a + x new_script.sh
If If we look at the permissions, we'll see that execute permission is now granted to everyone, and the existing permissions still exist.ls -l new_script.sh
We could have obtained the same without the "a". in the "a + x" statement. The following command would have worked just as well.chmod + x new_script.sh
Setting permissions for multiple files
We can apply permissions to multiple files at once.
These are the files in the current directory:ls -l
Let's say we want to use the write permissions for the "other" users of files remove the extension ".page". We can do this with the following command:chmod or * .page
Let's check what effect this had:ls -l  ls -l in a terminal window " width="646" height="322" src="/pagespeed_static/1.JiBnMqyl6S.gif" onload="pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);" onerror="this.onerror=null;pagespeed.lazyLoadImages.loadIfVisibleAndMaybeBeacon(this);"/>
As we can see, the read permission has been removed from the ".page" files for the "other" user category. No other files were affected.
If we wanted to include files in subdirectories, we could have used the option
-R(recursive).chmod -R or * .page  Numeric Shorthand
Another way to use
chmodis to give the permissions you want to the owner, the group, and other people , indicate as three-digit number. The figure on the far left represents the authorizations of the owner. The middle digit represents the permissions of the group members. The rightmost digit represents the permissions for the others.
The digits that you can use and what they represent are listed here:
- 0: (000) No permission.
- 1: Execute (001) authority.  2: (010) Write permission.
- 3: (011) Write and execute permissions.
- 4: (100) Read authorization.
- 5: (101) Read and execute permissions.
- 6: (110) Read and Write permissions.
- 7: (111) Read, Write and Execute Permissions.
Each of the three permissions is represented by one of the bits in the binary equivalent of the decimal number. So 5 means 101 is in binary, read and execute. 2, 010 in binary, would mean the write permission.
Use this method to set the permissions you want. You do not add these permissions to the existing permissions. So, if you already have read and write permissions, you must use 7 (111) to add execute permissions. Using 1 (001) would remove the read and write permissions and add execute permission.
Add the read permission for the other user categories back to the page ".page". We also need to set the user and group permissions so we need to put them on what they already are. These users already have read and write permissions (6 (110)). We want the "others" to have read and access rights, so they must be set to 4 (100).
The following command does this:
chmod 664 * .page
Sets permissions required for the user, group members, and others , The permissions of the users and group members have been reset to the ones already existing and the read permissions have been restored for the other users.
Advanced Options  If you read the manpage for
chmod you will see some advanced options that apply to the SETUID and SETGID bits as well as the limited erase or "sticky" bit.
For 99% of The cases for which you need
chmod are covered by the options described here.