chmod

Change access permissions, change mode.

Syntax
       chmod [Options]... Mode [,Mode]... file...

       chmod [Options]... Numeric_Mode file...

       chmod [Options]... --reference=RFile file...

Options
  -f, --silent, --quiet   Suppress most error messages.

  -v, --verbose           Output a diagnostic for every file processed.
  -c, --changes           like verbose but report only when a change is made.

      --reference=RFile   use RFile's mode instead of MODE values.

  -R, --recursive         Change files and directories recursively.
                          Take care to not run recursive chmod on the root '/' directory or any other system directory.

      --help              Display help and exit.

      --version           output version information and exit.

chmod changes the permissions of each given file according to mode, where mode describes the permissions to modify.
Mode can be specified with octal numbers or with letters.

Using letters is easier to understand for most people. e.g. chmod +x filename.sh to make filename.sh executable.

Permissions:

Owner Group Other
Read
Write
Execute

When chmod is applied to a directory:

chmod never changes the permissions of symbolic links. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals.

Numeric mode:

From one to four octal digits
Any omitted digits are assumed to be leading zeros.

The first digit = selects attributes for the set user ID (4) and set group ID (2) and save text image (1)S
The second digit = permissions for the user who owns the file: read (4), write (2), and execute (1)
The third digit = permissions for other users in the file's group: read (4), write (2), and execute (1)
The fourth digit = permissions for other users NOT in the file's group: read (4), write (2), and execute (1)

The octal (0-7) value is calculated by adding up the values for each digit
User (rwx) = 4+2+1 = 7
Group(rx) = 4+1 = 5
World (rx) = 4+1 = 5
chmode mode = 0755

Numeric Examples

chmod 400 file - Read by owner
chmod 040 file - Read by group
chmod 004 file - Read by world

chmod 200 file - Write by owner
chmod 020 file - Write by group
chmod 002 file - Write by world

chmod 100 file - execute by owner
chmod 010 file - execute by group
chmod 001 file - execute by world

To combine these, just add the numbers together:
chmod 444 file - Allow read permission to owner and group and world
chmod 777 file - Allow everyone to read, write, and execute file

Symbolic Mode

The format of a symbolic mode is a combination of the letters +-= rwxXstugoa
Multiple symbolic operations can be given, separated by commas.
The full syntax is [ugoa...][[+-=][rwxXstugo...]...][,...] but this is explained below.

A combination of the letters ugoa controls which users' access to the file will be changed:

User letter
The user who owns it u
Other users in the file's Group g
Other users not in the file's group o
All users a

If none of these are given, the effect is as if a were given, but bits that are set in the umask are not affected.

All users a is effectively user + group + others

The operator '+' causes the permissions selected to be added to the existing permissions of each file; '-' causes them to be removed; and '=' causes them to be the only permissions that the file has.

The letters 'rwxXstugo' select the new permissions for the affected users:

Permission letter
Read r
Write w
Execute (or access for directories) x
Execute only if the file is a directory
(or already has execute permission for some user)
X
Set user or group ID on execution s
Restricted deletion flag or sticky bit t
The permissions that the User who owns the file currently has for it u
The permissions that other users in the file's Group have for it g
Permissions that Other users not in the file's group have for it o

Examples

Deny execute permission to everyone:

$ chmod a-x file

Allow read permission to everyone:

$ chmod a+r file

Make a file readable and writable by the group and others:

$ chmod go+rw file

Make a shell script executable by the user/owner:

$ chmod u+x myscript.sh

You can then execute it like this:

$ ./myscript.sh

Allow everyone to read, write, and execute the file and turn on the set group-ID:

$ chmod =rwx,g+s file

This page documents the GNU version of chmod.

“It's easier to ask forgiveness than it is to get permission” ~ Rear Admiral Grace Hopper

Related linux commands

access - Determine whether a file can be accessed.
ls -l - List current permissions: -- u (owner) -- g (group) -- O (Other).
chgrp - Change group ownership.
chown - Change file owner and group.
setfacl - Set file access control lists.
stat - Display file or file system status.
bash syntax - Permissions
Equivalent Windows command: CACLS - Change file permissions.


 
Copyright © 1999-2024 SS64.com
Some rights reserved