chmod Command in Linux [With Examples]

Written by: Linuxopsys   |   Last updated: June 12, 2023

In UNIX/Linux systems, files and directories are associated with 3 types of permissions that control access rights to them. The permissions are read, write and execute. These permissions decide what actions can be performed on files and directories by user groups.

The chmod command is used in Linux to modify the access permissions of filesystem objects such as files and directories. You may also use it to change special permissions such as setuid (SUID), setgid (SGID), and sticky bit.

Syntax

Symbolic mode:

chmod <ugoa><-+=><rwxst> file(s) or directory(s)
or
chmod [who][operator][permissions] file(s)/directory(s)

Where,

who - to whom the permission applied.

operator - action to be performed.

permissions - read, write, and execute.

Numeric Mode:

chmod [permissions-number] file(s)/directory(s)

Where permissions is a 3 digit octal number. This would be the sum of the following values

  • 4: Read permission.
  • 2: Write permission.
  • 1: Execute permission.

Remember in Linux, the user who owns a file or directory, and the superuser (root), have the ability to change permissions.

Understanding Linux Permissions

In Linux permission determines who can access. modify and execute files and directories. The files and directories are associated with three user categories: owner, group, and others.

Here is the overview of each permission

  • Read (r): The read permission for a file means the user can open and view the content. For a directory (folder) the user can list the contents of the directory.
  • Write (w): This allows the user to modify or delete files. For directories, it enables users to add or remove files and subdirectories.
  • Execute (x): This enables user to run executable files. For example for programs and shell scripts.

Note: Other than read, write, and execute there are a few special permission modes you can assign to files and directories. The special permission modes are setuid (SUID), setgid (SGID), and sticky bit.

Now we can look at three user groups:

  • owner - The owner is user who owns the file or directory. By default when a user creates a file or directory the same user will become the owner.
  • Group - The group is a collection of users. Files and directories can be assigned to a group. All the users in the group will have the same access permission on the files or directories.
  • Other - Other users who are not the owner or in the group. This means "everyone" or in other way say the "world".

Symbolic mode with Examples

The chmod symbolic mod is also known as relative mode. Let's look into some examples.

Give the owner and group - read, write and execute permission - for others read and write on the directory:

chmod u=rwx,g=rwx,o=rx directory1
or 
chmod ugx+rwx directory1

Give read, write, and execute permissions for all on the file:

chmod a+rwx filename1

Here we combine multiple permissions at once, you may use individual permission characters as well.

Give the group read and write permissions on the file:

chmod g+rw myfile1

Remove execute permissions for others on the script file:

chmod o-x scriptfile.sh

To remove specific permissions from a file or directory, you can use the - symbol followed by the permission character.

Numerical mode with Examples

Chmod numerical mode is also known as absolute mode. This is the commonly used method to modify permissions.

To give read, write, and execute permissions to the owner, read and execute permission to the group, and read permission to others on a text file:

chmod 754 hellofile.txt

Permissions are derived by summing up the each of following octal values in each user category. 

  • 4: Read permission (r).
  • 2: Write permission (w).
  • 1: Execute permission (x).

So in the command above 7 value indicates rwx ( 4+2 +1), 5 values indicate rx (4 + 1) and 4 value indicates x (1).

Give full permission for all on the directory:

chmod 777 projectdirectory

Special Permissions

In addition to read, write and execute - in Linux there are special permissions that can be assigned using chmod command. As mentioned before the special permissions are sticky bit, SUID or SGID. This permission can be set using symbolic or numerical methods.

Numerical values for respective special permissions are:

SUID = 4
SGID = 2
sticky bit = 1
zero effect = 0

For example to give sticky bit special permission on /tmp directory:

chmod 1777 /tmp

Using the symbolic method use s for SUID and SGIG and t for sticky bit. Examples:

Set stick bit on the file
chmod a+t /tmp

Set SUID on the file
chmod u+s /mysuidfile.txt
chmod u+x /mysuidfile.txt

Set SGID on the file - This makes new files inherit the group permissions of the parent directory
chmod g+s /parent-directory

Chmod Recursively

Use -R or --recursive option with chmod to recursively modify permissions for files, directories, and subdirectories.

Syntax:

chmod -R permission-number /path/to/directory

For example to set 755 permissions recursively to all files, directories, and subdirectories in /var/www/html:

sudo chmod -R 755 /var/www/html

The same can be done using the symbolic notation:

chmod -R u=rwx,go=rx /var/www/html

Be careful when performing chmod recursive operation. Accidental modification of sensitive files and directories can cause disruption to normal operations or security risks.

Using Find Command

Above mentioned command recursive set all files and directories with the same permissions. This may be not required in all instances. To recursively set separate permission to files or directories we can bring the find command.

To find only directories type and change its permission. Syntax:

find /path/to/base-directory -type d -exec chmod mode {} \;

For example to set 755 permissions to all directories and subdirectories within /var/www/html including html directory:

find /var/www/html -type d -exec chmod 755 {} \;

Inside if you are inside the html directory you can dot (.) as the path. This won't affect the base directory html.

find . -type d -exec chmod 755 {} \;

To find only files and change its permissions. Syntax:

find /path/to/base-directory -type f -exec chmod 644 {} \;

To change all files permissions to 644 within /var/www/html directory and its subdirectories:

find /var/www/html -type f -exec chmod 644 {} \;

Before applying it's good to verify which files it's applying by just removing -exec portion of the command.

Using reference file

Using the --reference=reference_file option, you can transfer file permissions from one file to another.

Syntax:

In the syntax shown, the filename ends up having the same file permissions as the reference_file.

chmod --reference=reference_file filename

Here "filename" ends up having the same file permissions as the "reference_file".

Example:

chmod --reference=myreferencefile.txt myfile.txt
output of chmod reference file

From the output you can the target file named myfile.txt gets the same file permission of myreferfile.txt.

Before concluding would like to bring up one more point. Do you know what happens chmod on Symlinks? No change happen to the actual symlink but it would change target file permissions. This is because symlinks permissions don't really matter to the system.

13 Modern Alternatives to Linux Commands

Basic Linux Commands You Should Know

14 Command Line Tools to Check CPU Usage in Linux

xargs command with Examples

SHARE

Comments

Please add comments below to provide the author your ideas, appreciation and feedback.

Leave a Reply

Leave a Comment