How to Use the chmod Command to Control File Permissions on Linux
Learn everything you need to know about file permissions in Linux, including how to set, change, and remove permissions.
Introduction
Linux is a UNIX like based-operating system, and for that reason, many users can be logged into the same system to work, thus, the need for each user to have full control of His or Her own space as they work to avoid any problem that will have to do with their files being tampered with by the other users of the same system.
So to solve this problem of having other users tamper with your files, the chmod
command. Which you can use to control who can read your file, write to the file or execute the file.
The chmod Command
The chmod
command which stands for change file mode bits is a command that a user can use to set the permission to who can have access to his files and directories.
It consists of setting the read r, the write w, and the execute x at three levels:
The User, Group and Other level, as shown in the diagram below.
From the diagram above, it can be seen that the permission classes are the User, the Group and Other, and each of these classes can have the read, the write and the execute command. The effect of this command is different for the file as well as the directory.
Permissions for Directories
For the directory permissions, the effect is unique to directories and different from files, and the effects are as follows:
r - allows the contents of the directory to be listed only if the x attribute is set as well.
w - allows the files in the directories to be created, renamed and deleted if the x attribute is set as well.
x - allows a directory to be entered.
Permissions for Files
The permissions for files are also unique to just files and the effects are as follows:
r - allows the content of the file to be read/seen.
w - allows to write to the file/to edit the file.
x - allows for the file to be executed/run, like an application.
How to use the chmod command
There are two main ways of using the chmod command:
The Alphabetic Method
This involves using letters to represent both the permission class (u for user, g for user group and o for others) and also the permissions (r for read, w for write and x for execute). The positive (+) and negative (-) sign is also used to add permission(s) to the permission class and remove permission(s) from a permission class. There are instances also where you want to just replace whatsoever permission there is to the permission class with another permission, in that case, you can use the equal to (=) to do that. Below are ways you can add, remove or replace permissions to the permission class.
Adding Permissions
To add permission to the permission class, you simply need to use the
chmod
command, followed by the permission class you want to add permission to, then followed by the plus sign, and then the name of the file or directory.chmod g+r file_name
This adds read permission to the user group of the file named file_name.
To add more than one permission to a permission class, you simply list all the permissions together.
chmod u+rwx dir_name
This adds the read, write and execute permission to the user group permission class of the directory, dir_name.
One can also add permission(s) to more than one permission class. We can add the same permission(s) to two or all of the permission classes at the same time.
chmod ugo+r file1
This adds the read permission to the user u, user group g and others o permission class to the file named file1.
Removing Permissions
This is similar to adding permissions, the only difference is in the sign, here the negative sign is used to remove permission(s) from the permission class(es).
chmod g-r file1
This removes the read permission from the user group permission class.
chmod o-rwx dir1
This removes the read, write and execute permission from the others permission class.
chmod ugo-rw file1
This removes the read and write permission from the user, user group and other permission classes.
Replacing Permissions
This is done using the equality sign (=). This replaces whichsoever permission is present in the permission class with what is being stated.
chmod u=rw file1
This replaces any permission present in the user permission class with the read and writes permission.
chmod ug=x dir1
This changes all the permissions that the user and user group permission class has with the execute permission.
The Numerical Method (Octal Connotation)
The numeric way also does the same work as the alphabetic method, the only difference is in their implementation.
The numeric method works based on the octal number system (numbers in base 8).
When dealing with numbers in binary (base 2), you will agree with me that the highest number is 1 and the lowest number is 0, any other number is a combination of one or more of those two numbers, so also for numbers in decimal/denary (base 10), you will agree with me that the lowest is 0 and the highest is 9, any other number is a combination of from 0 to 9, so also if we are to talk about the octal (base 8) numbering system, we will observe that the lowest number is 0 while the highest number is 7. So numbers in any given base are always one number less than their respective base, simply because the numbers are been counted as digits starting from zero (0). So for numbers in base 8 (octal), they are from 0 to 7, but if you count the number of digits, you will find out that they are 8 digits.
Here is an illustration that explains how this numerical method works for permissions.
In this method, each of the permission classes has a read, write and execute permission that can either be added, removed or replaced. This method works based on the octal numbering system, which always uses a three-digit approach, with each digit belonging to each of the permission classes. The first one belongs to the User, the second one belongs to the User Group and the last digit belongs to the Others.
For the User, we can give it any digit ranging from 0 to 7, with each digit with the permission it is granting, the same applies to Group and also Other. The application of this approach is as follows:
chmod 765 file1
what we did here was to give the User, which is the first digit (7) the read, write and execute (r+w+x) permissions. We also give the Group which is the second digit (6), which is the read and the write (r+w) permissions. Lastly, we gave Others the last digit which is the read and the execute (r+x) permissions.
chmod 402 dir1
Here, we gave User - 4, which is the read permission, Group - 0, which is no permission and Others - 2, which is the write permission to the directory named dir1.
Conclusion
The chmod command is a powerful shell command for granting permissions to files and directories across users, user groups and others that are working in the same operating system environment as we are. It is commonly used in UNIX-like systems such as Linux etc.
My name is Gideon Bature, I am currently a student of ALX Software Engineering at the point of writing this article. I will like to connect with you on Twitter and LinkedIn. Thank you.