Skip to main content
Engineering LibreTexts

03-A.2: Modify Permissions: File and Directory (continued)

  • Page ID
    26824
  • Changing File and Directory Permissions

    The chmod Command

    The chmod command is used to change the access mode of a file. The name is an abbreviation of change mode.

    Syntax :

    chmod [reference][operator][mode] file... 
    

    The references are used to distinguish the users to whom the permissions apply, i.e. they are a list of letters that specifies whom to give permissions. The references are represented by one or more of the following letters:

    Reference Class Description
    u owner file's owner
    g group users who are members of the file's group
    o others users who are neither the file's owner nor members of the file's group
    a all All three of the above, same as ugo

    The operator is used to specify how the modes of a file should be adjusted. The following operators are accepted:

    Operator Description
    + Adds the specified modes to the specified classes
    - Removes the specified modes from the specified classes
    = The modes specified are to be made the exact modes for the specified classes

    An example will make this clearer.

    If we want to give “execute” permission to the rest of the world (“other”) for file “xyz.txt”

    pbmac@pbmac-server $ ls -l xyz.txt 
    ---------- 1 pbmac pbmac 0 Dec 11 18:49 xyz.txt
    

    You do NOT see many files with NO permissions, but it works well for our demonstration. So, the add execute permission for "others" we would start by typing:

    chmod o
    

    Now you would type a ‘+’ to say that you are “adding” a permission.

    chmod o+
    

    Then you would type an ‘x’ to say that you are adding “execute” permission.

    chmod o+x
    

    Finally, specify which file you are changing:

    chmod o+x xyz.txt
    

    The change can be seen in the below - the xyz.txtfile now has execute permission - 'x' - on the "others" permission level.

    pbmac@pbmac-server $ chmod o+x xyz.txt 
    pbmac@pbmac-server $ ls -l xyz.txt 
    ---------x 1 pbmac pbmac 0 Dec 11 18:49 xyz.txt
    

    It is possible to change multiple permissions at once. For example, to give ALL permissions for everyone, the command would be

    chmod ugo+rwx xyz.txt
    

    This command affects the user (u), the group (g) and others (o) and adds ( -+) the read (r), the write (w) and the execute (x) permission to the file xyz.txt.

    pbmac@pbmac-server $ chmod ugo+rwx xyz.txt
    pbmac@pbmac-server $ ls -l xyz.txt 
    -rwxrwxrwx 1 pbmac pbmac 0 Dec 11 18:49 xyz.txt
    

    NOTICE - it did NOT add any value to the first position; it is still a dash.

    Another example - we will start with the file abc.mp4:

    pbmac@pbmac-server $ ls -l abc.mp4 
    -rw-r--r-x 1 pbmac pbmac 0 Dec 11 18:57 abc.mp4
    

    Using a more complex chmod command we change several permissions at different levels:

    pbmac@pbmac-server $ chmod o+x abc.mp4 
    pbmac@pbmac-server $ ls -l abc.mp4 
    -rw-rw-r-x 1 pbmac pbmac 0 Dec 11 18:57 abc.mp4

    This command adds (+) the read (r) and write (w) permission to both user (u) and group (g) and removes (-) the execute (x) permission from others (o) for the file abc.mp4 (this file does NOT exist in our images).

    The command

    chmod ug=rx,o+r abc.c
    

    assigns read (r) and execute (x) permission to both user (u) and group (g) and adds read permission to others for the file abc.c.

    pbmac@pbmac-server $ ls -l abc.c
    -rw-r----- 1 pbmac pbmac 0 Dec 11 19:07 abc.c
    pbmac@pbmac-server $ chmod ug=rx,o+r abc.c
    pbmac@pbmac-server $ ls -l abc.c
    -r-xr-xr-- 1 pbmac pbmac 0 Dec 11 19:07 abc.c
    

    There can be numerous combinations of file permissions that can add, remove and assign.

    The Octal Notations

    Each of these digits is the sum of its component bits in the binary numeral system. As a result, specific bits add to the sum as it is represented by a numeral:

    • The read bit adds 4 to its total (in binary 100),
    • The write bit adds 2 to its total (in binary 010), and
    • The execute bit adds 1 to its total (in binary 001).

    These values never produce ambiguous combinations; each sum represents a specific set of permissions. More technically, this is an octal representation of a bit field – each bit references a separate permission, and grouping 3 bits at a time in octal corresponds to grouping these permissions by user, group, and others.

    These are the examples from the symbolic notation section given in octal notation:

    Symbolic
    notation
    Numeric
    notation
    English
    ---------- 0000 no permissions
    -rwx------ 0700 read, write, & execute only for owner
    -rwxrwx--- 0770 read, write, & execute for owner and group
    -rwxrwxrwx 0777 read, write, & execute for owner, group and others
    ---x--x--x 0111 execute
    --w--w--w- 0222 write
    --wx-wx-wx 0333 write & execute
    -r--r--r-- 0444 read
    -r-xr-xr-x 0555 read & execute
    -rw-rw-rw- 0666 read & write
    -rwxr----- 0740 owner can read, write, & execute; group can only read; others have no permissions

    Using the table above we can figure this out. The following two commands are the same.

    chmod ugo+rwx [file_name]
    chmod 777 [file_name]
    
    So - this is:
    421  421  421
    rwx  rwx  rwx
     7    7    7
    

    Both provide read, write and execute permission (the octal value of 7) to all three levels. The first number, on the left, represents the user, the middle number represents the group, and the last number, on the right, represents the others.

    Another example:

    chmod u=r,g=wx,o=rx [file_name]
    chmod 435 [file_name]
    
    Looking at this one:
     421   421   421
     r--   -wx   r-x
      4     3     5
    

    Both commands give read (an octal value of 4) permission to user, write and execute (an octal value of 3) for group and read and execute (an octal value of 5) for others.

    And even this…

    chmod 775 [file_name]
    chmod ug+rwx,o=rx [file_name]
    
    421  421  421
    rwx  rwx  r-x
     7    7    5
    

    Both the commands give all permissions (an octal value of 7) to user and group, read and execute (an octal value of 5) for others.

    Adapted from:
    "File-system permissions" by Multiple ContributorsWikipedia is licensed under CC BY-SA 3.0

    • Was this article helpful?