chmod command on Linux (file permissions) [Basic Guide]

2 years ago

5 minutes

On Linux, access to files is managed through file permissions, attributes, and ownership. Among these commands, we have chmod, which in Portuguese means change mode.

For those who use this operating system, it is very important to know more about it, its syntaxes, and its main permission settings. Therefore, in this article, we will explore this subject. Have a good read!

How do file permissions work on Linux?

Before explaining the very concept of chmod, it’s important to understand how file permissions work in Linux. There is a basic permissions model that needs to be understood.

In this operating system, each file relates to an owner and a group that causes them to receive access permission rights for three different classes. They are:

The owner of the file;
The members of the group;
Everyone else.

In addition, file permissions may be applied differently for each class, since there is the read permission, the write permission, and the execute permission.

What is the chmod command?

Considering these points presented, chmod means the command and the system call that makes it possible to change access permissions for system objects, that is, files and directories, as well as special mode flags.

chmod allows you to manually change a file’s permission settings. Umask is responsible for the request filter. This command can accept one or more files, as well as directories, separated by space as arguments.

Command syntax

To understand chmod well, it is also necessary to understand the syntax of this command. It may have a symbolic representation, using letters, and an octal representation, which occurs through numbers.

This means a special set of arguments, which correspond to ownership and permissions.

Symbolic Representation

The syntax of the chmod command when using symbolic mode has the following format regarding the actions that will be defined:

Permission	Meaning	Representation
Reading	Permission to read and copy directory	R
Write	Permission to write, edit, delete, add new files to directory	W
Run	Permission to execute binary	X
Without permission	No permission for any activity	–

For each owner, these permissions can be combined. From a symbolic point of view, owner classes can be schematized as follows:

Owners	Symbolic representation	Description
Users	U	The primary owner of the file object/directory
Groups	G	A user can be part of one or more groups
Other	O	Other users who are also not part of the group
All Users	A or UGO	All users of the file

The difference between symbolic representation is in the situation where you only want to add or remove permission for a specific action for a specific class.

The flags for each operation will define whether permissions should be removed, added, or set. Symbolically they are divided as follows:

– will remove the specified permissions;
+ will add the specified permissions;
= will change the current permissions to the specified permissions.

If no permission is specified after the = symbol, all permissions for the specified user class will be removed.

Permissions (perms…) can be explicitly defined using zero or one or more of the following letters: r, w, x, X, s, and t.

When setting permissions for more than one user class ([,…]), use commas without spaces to separate symbolic modes.

Octal Representation

An octal is a number written under base 8. This means that it uses 8 different symbols to be represented, ranging from 0 to 7. The octal representation, in turn, works as follows:

Permission to execute

Permission to write and execute

;

Read

Read and write

Read, write, and execute

NUMBER	MEANING
0	No access permission
	1
2	Write permission
	3
4	Read permission	5
and execute
permission	6
permission	7

permission

Main Chmod permission settings

Chmod’s main permission settings include 644, 755, 555, and 777. We will talk about each of them.

Chmod 644

chmod 644 allows the owner to access and modify the file however they want. However, other users will only be able to access without the ability to modify. In addition, no one can execute the file, which is true even for the owner.

This command works for files that are publicly accessible, since they balance flexibility with security.

Chmod 755

The second command, the chmod 755, is quite similar to the first. In other words, it will allow the owner to access and modify the file as desired.

At the same time, users will only view without being able to change anything, as it works in the first one. However, the difference is in the executions. To be chmod, everyone also has permission to perform it.

This case applies to situations in which directories are publicly accessible, since execution permission is required to switch to a directory.

Chmod 555

Chmod 555 allows the file to not be modified by anyone, with the exception of the system’s superuser.

This is a less common situation compared to chmod 644. However, it is important to know about it because the read-only setting prevents accidental changes as well as tampering.

Chmod 777

The latest chmod is 777. It is capable of allowing anyone to do whatever they want with the file. Therefore, anyone can access the file, modify it however they want, and execute it on the system

In other words, it is a command with a high security risk, especially for web servers. If someone not indicated has access, it could completely compromise the system.

Deepen your Linux knowledge with our online course! Enroll now!

Conclusion

In this article you can have an overview of the chmod command on Linux and what its applications are. His purpose is to always change file permissions!

Uirá Endy Ribeiro

Uirá Endy Ribeiro is a Software Developer and Cloud Computing Architect with a 23-year career. He has master's degrees in computer science and fifteen IT certifications and is the author of 11 books recognized in the IT world market. He is also Director at Universidade Salgado de Oliveira and Director of the Linux Professional Institute - LPI Director's Board.

0 Shares

#chmod command #file permissions #rwx