The chmod command

A command which you will find yourself using an awful lot if you spend any time at all on a GNU/Linux based computer is the command, chmod. From the man page, this is a program that “changes file mode bits.” In case that was not descriptive enough, the longer version is that the program sets the permissions for the categories of people that can use your computer and what they can do with the file, such as reading and writing.

Before we get into using the actual program, lets define the categories of users.

u = user; the person who owns the file
g = group; the group of users the file belongs to
o = other; everyone that is not the owner or is in the group
a = all; everyone, everywhere

Next we’ll define the set of possible permissions and their octal numbers.

r = 4 = read; can open and read the contents of the file
w = 2 = write; can write to the file (but not necessarily read it)
x = 1 = execute; can execute the file (i.e. run a script)
X = n/a = execute [a dir]; can move into and out of the directory
[blank] = 0 = no permissions at all

The above are normally written horizontally. The octal permissions are written likewise, only they are added together first for each category.

Here is a file that is read (r, 4), writable (w, 2), and executable (x, 1) by everyone (u, g, o)

User : Group : Other
 rwx :  rwx  :  rwx
  7  :   7   :   7

And a file that is read, write, execute for the user, read and write for the group, and read-only for other:

User : Group : Other
 rwx :  rw-  :  r--
  7  :  6    :  4

And a file that is read-only for everyone.

User : Group : Other
 r-- :  r--  :  r--
  4  :  4    :  4

Now that that’s out of the way, lets use chmod.

To add a permission, use the plus sign, +, to remove a permission, use the minus sign -, and to set a permission, use the equals sign, =. In the text below, the first column is the command and the second is the resulting permissions.

Set read-only permissions for everyone:
     chmod a=r foobar      -r--r--r--
Modify the above so the group has execute permission:
     chmod g+x foobar      -r--r-xr--
Modify the above so the user has write and execute permission:
     chmod u+wx foobar     -rwxr-xr--
Modify the above so the user and group do not have execute permission:
     chmod ug-x foobar     -rw-r--r--

Using the octal numbers:

Set the file to read, write, execute for the user, read and execute for the group and other:
     chmod 755 foobar     -rwxr-xr-x
Set the file to read and write for the user, read-only for the group, and no permissions for other:
     chmod 640 foobar     -rw-r-----
Set the file to read and write for the user and group, and execute only for other:
     chmod 441 foobar     -rw-rw---x

You can string permissions together and set lots of things at once. This next line recursively sets all files at 644, and all directories at 755:

chmod -R u+rwX,go+rX,go-w /path/to/dir

Here is how you set all files at 600 and directories at 711:

chmod -R u+rwX,go+X,go-rw /path/to/dir

Getting fancy, lets use the find command to do something similar, but only on directories, and then with 775 permissions:

find /path/to/dir -type d -print0 | xargs -0 chmod 775

Again, but this time on files only and giving them 660 permissions:

find /path/to/dir -type f -print0 | xargs -0 chmod 660

And there you have it! chmod in a nutshell.

Tagged , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.

Protected by WP Anti Spam