These simple instructions show you how to manage file permissions using the chmod Command in Linux so as to protect your system from unauthorized access.
The chmod command in Linux is used to change access permissions of files and directories.
Of Roles, Permissions and the chmod Command
File permissions in Linux are assigned through Roles. Generally, there are three types of roles available in Linux systems. These are:
- User (u): Owner or creator of the file or directory
- Group (g): All the group members
- Other (o): All other users that don’t fall into the above roles
Each of the above roles has three types of permissions. These are:
- Read (r): Member can read the file content or List files in a directory
- Write (w): Member can write content to file or Create, list, rename, delete a file in a directory
- Execute (x): Member can execute any file like shell or bash scripts or access the directory and files
The symbols above placed in the brackets represent the roles and permissions and are used when setting the respective permissions of files and directories. they can be used individually or combined.
For example, you can target more than one role by combining symbols like this: User+Group (ug), User+Group+Other (ugo), User+Other(uo).
Similarly, you can do the same with permissions like Read+Write (rw), Read+Execute (rx), Read+Write+Execute (rwx).
Using Symbolic Notation
Let’s look at some usage examples starting with the chmod command syntax:
chmod [PERMISSIONS] [FILE]…
In this example you can give the user read and execute permissions:
$ chmod u+rx filename
While in this example you can do the same and include the group:
$ chmod u+rx,g+rx filename
or this shortcut option:
$ chmod ug+rx filename
If you are giving the different roles different permissions then you must separate them with a comma as follows:
$ chmod u+rwx,g+rx,o+r filename
The above example gives users to read, write, and execute permissions. Group gets read and execute permissions while Other gets read permissions.
Using Octal Notation
Using the octal notation you can set permissions using numbers between 0-7. Each number is calculated with the sum of:
- Read (4),
- Write (2)
- Execute (1).
For example, if you set permission 7, it means 4 + 2 + 1 (read + write + execute). If you set permission 5 means 4 + 1 (read + execute) and so on.
The permissions are set in triplets representing the three roles, user, group, and others in that order. For example if you set permission 755, it means user => 7, group => 5 and other => 5.
These are the possible combinations for the 0 – 7 in order of least to most restrictive:
7 – 4+2+1 (rwx) (Read + Write + Execute)
6 – 4+2 (rw-) (Read + Write)
5 – 4+1 (r-x) (Read + Execute)
4 – 4 (r–) (Read)
3 – 2+1 (-wx) (Write + Execute)
2 – 2 (-w-) (Write)
1 – 1 (–x) (Execute)
0 – 0 (—) (None)
Time for some examples. Here we set the user to read, write, and execute, the Group can read and execute, while Other can read and execute as well. Therefore:
- 7 is for User combined with read (4) + write (2) + execute (1)
- 5 is for Group combined with read (4) + execute (1)
- 5 is for Other is combined with read (4) + execute (1)
$ chmod 755 filename
Here is another example setting:
- 6 is for User combined with read (4) + write (2)
- 4 is for Group is read (4)
- 4 is for Other is read (4)
$ chmod 644 filename
Conclusion on chmod Command
You now know how to use the chmod command to set file and directory permissions in Linux systems. Careful thought is required when setting permissions as you do not want to give any files more permissions than needed. For example;
$ chmod 777 filename
Which gives read, write, and execute permission to literally everyone can be dangerous and is therefore not recommended.