skip navigation

www.Hilands.com


Content:: chmod

File Permissions using chmod
Last Modified: 2012-02-18
The command chmod (change mode) is a command line tool used in Linux and other Unix like systems to change the permissions of a file.

Table of Contents
Viewing file permissions
We'll first create an empty file named test.txt. touch test.txt
To view the permissions of a file we can use the listing command ls with the -l switch # ls -l
-rw-r--r-- 1 root root 0 Feb 16 17:11 test.txt
The first 10 characters tell us the type of file followed by the permissions for the user, group and other.
permission structure


The file type character is the first character and will tell us the type of file.
- (file)
	d (directory)
	l (symbolic link)
	b (block special file)
	c (character special file)
	p (named pipe special file)
	s (local socket special file)
The rest of the characters, preceding the first space, are in groups of three permissions for a user, group or others.
Each grouping of three permission sets tell us if the file can be read, written to or executed.
r (readable)
	w (writable)
	x (executable)


In addition to the three primary permissions we also have the sticky bit, set group ID and set user ID.

The sticky bit will replace the "other" execution location with with a capital T if execution is not set for the "other" grouping of permissions, or a lower case t if the execution is set for the "other" grouping of permissions.
-rw-r--r-T 1 root root 0 Feb 16 17:11 test.txt
-rw-r--r-t 1 root root 0 Feb 16 17:11 test.txt

The set group ID will replace the "group" execution location with with a capital S if execution is not set for "group" grouping of permissions, or a lower case t if the execution is set for "group" grouping of permissions.
-rw-r-Sr-- 1 root root 0 Feb 16 17:11 test.txt
-rw-r-sr-- 1 root root 0 Feb 16 17:11 test.txt
The set user ID will replace the "user" execution location with with a capital S if execution is not set for "user" grouping of permissions, or a lower case t if the execution is set for "user" grouping of permissions.
-rwSr--r-- 1 root root 0 Feb 16 17:11 test.txt
-rwsr--r-- 1 root root 0 Feb 16 17:11 test.txt
Using chmod
The chmod command can handle two different types of modifications which are the octal numeric value and the symbolic mode.

The logic for the numerical value is quite simple read access is 4, write is 2, and execute is 1. If you want multiple permission types set to a group you add the number of the permissions you want together. If you want to have read, write, and execute enabled the sum of 4, 2, and 1 is 7.
#Permission
0none
1execute
2write
3write and execute
4read
5read and execute
6read and write
7read, write, and execute


When using chmod you can enter the numeric values for the user, group and other with as one number sequence.

If we want to give all rights to a file for every user type we can use the numeric value 7 which allows read write and execute for the user group and other with the following command.
The first number is for the user, the second is for the group and the third is for other. # chmod 777 test.txt Viewing the file permissions with an "ls -l" will result in the following
-rwxrwxrwx 1 root root 0 Feb 16 17:11 test.txt


Only using one digit will reset the permissions for user and group and modify the settings for the group other. Using the following example # chmod 4 test.txt will result in the follwing
-------r-- 1 root root 0 Feb 16 17:11 test.txt


A command change will be to set the permissions to read and write for the user, read for the group, and read for other. # chmod 644 test.txt
-rw-r--r-- 1 root root 0 Feb 16 17:11 test.txt


To set read and write access to the file for the primary user only we can use the following # chmod 600 test.txt
-rw------- 1 root root 0 Feb 16 17:11 test.txt


In addition to the primary three groups we can set the sticky bit, set uid, and set guid with the bit structure. For this we will be sending four digits to the chmod command.
#Permission
0none
1sticky bit
2set user ID
3sticky bit and set user ID
4set group ID
5stick bit and set group ID
6set user ID and set group ID
7sticky bit, set user ID, and set group ID


If we want to set the set group ID read and write access for the user and group and nothing else for others we can use the following command # chmod 2660 test.txt
-rw-rwS--- 1 root root 0 Feb 16 17:11 test.txt


When dealing with a shared folder to allow users of a specific group to keep the group set on the folder for new files you'll want to change the settings to 2770. chmod 2770 share/
drwxrws--- 33 share    share    4096 Feb  16 17:11 share