Get 50% Discount Offer 26 Days

Recommended Services
Supported Scripts
WordPress
Hubspot
Joomla
Drupal
Wix
Shopify
Magento
Typeo3
A Complete Guide to chmod in Linux That Covers Every Possible Command

Configuring file permissions right in a Linux environment is very important for data security and managing the operating system. An abbreviation for change mode, the chmod command is an essential tool for setting and changing permissions of files and deciding who can see and do what with each file. We will cover every aspect of chmod in Linux so you understand the syntax, usage, and application in varying situations.

chmod in Linux That Covers Every Possible Command

1. Introduction to chmod and File Permissions in Linux

Overview of chmod

In Linux, though, having a Linux utility is one thing, but being able to utilize it is another. And one of the more important ones is chmod. The main benefit of setting permissions is that they allow you to specify who can read, write, or execute a given file — a technique that helps keep your system neat and clean on a single-user basis and in a multi-user system.

Importance of File Permissions

In Linux, permissions play a vital role by:

  • Safeguarding sensitive information from unauthorized access.
  • Minimizing errors by preventing unintended modification.
  • Controlling executable files to protect against security risks.

It’s important to know and control permissions carefully since granting write permissions to all the users will leave a public folder open to threats or misuse.

Basic File Permissions Explained

Permissions in Linux are of three types:

  1. Read (r): Grants the ability to view file contents.
  2. Write (w): Allows editing, modifying, or deleting the file.
  3. Execute (x): Permits that the file is executed as a script or program.

These permissions are assigned across three categories of users:

  • User (u): The file’s owner.
  • Group (g): The file’s assigned group.
  • Others (o): All other users on the system.

The permissions on your files and directories on a Linux system can be managed using chmod and will give you control over its access by each user.

2. Linux File Permissions Explained

Permissions in Linux can be managed using two modes: numeric (octal) and symbolic. Each mode has its advantages and serves specific needs.

Numeric (Octal) Mode

Numeric mode represents permissions as a combination of numbers from 0 to 7. Binary values correspond to specific permissions for each number:

  • 4: Read permission (r)
  • 2: Write permission (w)
  • 1: Execute permission (x)

By adding these values, you can represent combinations of permissions:

  • 7 (4+2+1): Read, write, and execute (complete access)
  • 6 (4+2): Read and write
  • 5 (4+1): Read and execute
  • 0: No permissions

Three digits represent permissions:

  1. The first digit sets permissions for the owner.
  2. The second digit applies to the group.
  3. The third digit applies to others.

Examples

  • 755: The owner has read, written, and executed; the group and others have read and executed.
  • 644: The owner has read and written; the group and others have read only.
chmod 755 example.sh
Linux chmod 755 example.sh
chmod 644 notes.txt
chmod 644

Symbolic Mode

Symbolic mode allows permissions to be specified with letters and symbols for flexibility:

  • u for user (owner)
  • g for group
  • o for others
  • a for all

Symbols like +, , and = let you add, remove, or set permissions, respectively:

chmod u+x script.sh   # Adds execution permission for user
Symbols mode let you add, remove, or set permissions respectively
chmod g-w file.txt    # Removes write permission from group
Symbols Mode Removes write permission from group
# Sets others to read-only
Symbols Mode Sets others to read-only

3. The Basics of chmod Commands

Checking Current File Permissions

To see the permissions of a file, use:

ls -l filename
Checking Current File Permissions

This command lists the permissions in the format -rwxr-xr–, where each part represents different permissions for the owner, group, and others.

Using chmod in Numeric Mode

The octal (numeric) format is efficient and widely used. Here are some examples of common permission values:

  • 744: The owner has full access; the group and others can only read.
  • 600: The owner has read and write; the group and others have no permissions.
chmod 744 config.ini
chmod in Numeric Mode 744 allow Owner full access, group and others can only read.
chmod 600 private_data.txt
chmod in Numeric Mode 600 Owner can read and write, group and others have no permissions.

Using chmod in Symbolic Mode

Symbolic mode provides flexibility to add or remove specific permissions without altering other existing permissions.

Examples:

Add Execute for User:

chmod u+x script.sh
chmod in Symbolic Mode Add Execute for User

Remove Write for Group:

chmod g-w notes.txt
chmod in Symbolic Mode Remove Write for Group

4. chmod Command Options and Flags

Common chmod Options

-c: Outputs only when changes are made.

chmod -c 644 file.txt
Common chmod -c Outputs only when changes are made

-v: Verbose mode, showing detailed output for each file.

chmod -v 755 program.sh
Common chmod -v Verbose mode, showing detailed output for each file

-R: Recursive change for directories, applying the command to all files within.

chmod -R 755 /home/user/docs/

Advanced chmod Options

Sticky Bit (+t)

The sticky bit is often used for shared directories, ensuring that only file owners can delete files:

chmod +t /var/public
sticky bit is often used for shared directories, ensuring that only file owners can delete files

SUID (+s)

SUID (Set User ID) allows users to execute a file with the file owner’s permissions:

chmod u+s executable
SUID allows users to execute a file with the file owner permissions

SGID (+s)

SGID (Set Group ID) confirms that new files in a directory inherit the group of the directory:

chmod g+s shared_folder
SGID confirms that new files in a directory inherit the group of the directory

5. Advanced chmod Commands for Specialized Use Cases

Setting Special Permissions

SUID: Useful for files that need to run with elevated privileges, such as /bin/passwd.

chmod 4755 /bin/passwd
SUID Useful for files that need to run with elevated privileges

SGID: Often set on directories shared by groups, like a team project directory.

chmod 2755 /var/shared
SGID Often set on directories shared by groups

Sticky Bit: Used in directories like /tmp where files should only be deletable by their owners.

chmod 1777 /tmp
Sticky Bit Used in directories where files should only be deletable by their owners.

Changing Permissions on Multiple Files and Directories

To apply permissions to all files in a directory:

chmod -R 644 /path/to/folder
chmod -R 644 to apply permissions to all files in a directory

Secure Permissions for Scripts and Executables

For scripts, it’s common to restrict permissions to 700 or 755 for security:

chmod 700 start_script.sh
it is common to restrict permissions to 700 for security
chmod 755 run_program.sh
it's common to restrict permissions to 755 for security

6. chmod and Security: Best Practices for Permission Management

Common Security Risks

Improper permissions can lead to data exposure or accidental changes:

  • Setting permissions too permissively (e.g., 777) can expose files to anyone.
  • Setting scripts with execute permissions for all can introduce security vulnerabilities.

Guidelines for Secure Permissions

  • System Configuration Files: Restrict to 644 to prevent unauthorized changes.
  • Executable Scripts: Limit execution permissions to the owner or trusted group members.
  • Shared Directories: Use sticky bits to prevent unauthorized deletions.

chmod for Linux Security

Setting permissions carefully with chmod helps secure files, preventing unauthorized access and modifications. Regularly audit permissions on critical files using tools like find and ls.

7. chmod Permissions in Practice: Real-World Scenarios and Examples

chmod in Multi-User Environments

In shared directories, use chmod with sticky and SGID bits to organize files:

chmod 2775 team_shared/
chmod 2775 team_shared SGID bits to organize files
chmod +t team_shared/
chmod +t team_shared/ sticky and SGID bits to organize files

chmod in Development and Production Environments

For development, scripts often need to execute permissions (700 or 755):

chmod 755 deploy.sh
For development, scripts often need execute permissions 700 or 755

Examples and Tutorials

  1. Secure Permissions for Config Files:
chmod 644 /etc/config.conf
Secure Permissions for Config Files
  1. Setting Up a Shared Group Folder:
chmod 2775 /project_folder
Setting Up a Shared Group Folder
  1. Limit Permissions for Sensitive Files:
chmod 600 private_notes.txt
Limit Permissions for Sensitive Files

8. Summary of chmod Commands and Cheat Sheet

Quick Reference for chmod Commands

  • chmod 755 filename: Owner full access, group, and others read/execute.
  • chmod 644 filename: Owner read/write, group and others read-only.
  • chmod +x filename: Adds execution permission.

Quick Tips for chmod Mastery

  • Use numeric codes for common permissions.
  • Use symbolic mode for fine adjustments.
  • Remember -R for recursive changes.

9. FAQs on chmod and File Permissions

1. How do I make a file executable?

chmod +x filename
chmod x filename

2. How can I set permissions for all files in a directory?

Add -R for recursive permissions:

chmod -R 644 /path/to/directory
chmod R 644 img

3. What’s the difference between 755 and 777?

  • 755: The owner has all permissions; the group and others can read and execute.
  • 777: Full access for all, which is typically insecure.

4. How can I remove execute permissions for a script?

To prevent execution, remove the x permission:

chmod -x script.sh
chmod x script

By mastering chmod, you increase Linux security, managing access for multiple users while keeping sensitive data secure. In short, this guide will give you a good foundation on which to build your permission management.

About the writer

Vinayak Baranwal Article Author

This article was written by Vinayak Baranwal, For more insightful content or collaboration opportunities, feel free to connect with Vinayak on LinkedIn through the provided link.

Leave a Reply

Your email address will not be published. Required fields are marked *

Lifetime Solutions:

VPS SSD

Lifetime Hosting

Lifetime Dedicated Servers