LinuxCommandLibrary

chmod

Change file or directory permissions

TLDR

Give the [u]ser who owns a file the right to e[x]ecute it

$ chmod u+x [path/to/file]
copy

Give the [u]ser rights to [r]ead and [w]rite to a file/directory
$ chmod u+rw [path/to/file_or_directory]
copy

Remove e[x]ecutable rights from the [g]roup
$ chmod g-x [path/to/file]
copy

Give [a]ll users rights to [r]ead and e[x]ecute
$ chmod a+rx [path/to/file]
copy

Give [o]thers (not in the file owner's group) the same rights as the [g]roup
$ chmod o=g [path/to/file]
copy

Remove all rights from [o]thers
$ chmod o= [path/to/file]
copy

Change permissions recursively giving [g]roup and [o]thers the ability to [w]rite
$ chmod [[-R|--recursive]] g+w,o+w [path/to/directory]
copy

Recursively give [a]ll users [r]ead permissions to files. Also give e[X]ecute permissions to files that have at least one execution permission and to all sub-directories
$ chmod [[-R|--recursive]] a+rX [path/to/directory]
copy

SYNOPSIS

chmod [OPTION]... MODE[,MODE]... FILE...
chmod [OPTION]... --reference=RFILE FILE...

PARAMETERS

-c, --changes
    Like verbose but report only when changes are made

-f, --silent, --quiet
    Suppress most error messages

-v, --verbose
    Output a message for each file processed

--reference=RFILE
    Use RFILE's mode instead of MODE values

-R, --recursive
    Change files and directories recursively

--help
    Display help and exit

--version
    Output version information and exit

DESCRIPTION

The chmod command modifies file permissions in Unix-like systems, controlling who can read, write, or execute files and directories. Permissions are divided into three categories: owner (user), group, and others. Each has read (r, value 4), write (w, value 2), and execute (x, value 1) bits.

Permissions can be set using symbolic notation (e.g., u+rwx,g+rx for user read/write/execute, group read/execute) or octal notation (e.g., 755 for rwxr-xr-x). Special modes include setuid (4xxx, executes as owner), setgid (2xxx, executes as group), and sticky bit (1xxx, restricts deletion in shared directories).

Directories require execute permission for traversal. Default permissions are influenced by umask. Use ls -l to view modes. chmod is essential for security, ensuring sensitive files are protected while allowing necessary access. Recursive changes with -R affect entire trees, so caution is advised.

CAVEATS

Recursive (-R) changes can unintentionally alter system files, risking security breaches. Requires superuser privileges for some files (e.g., /etc/shadow). Incorrect permissions may expose data or prevent access. Test on copies first.
Avoid 777 on public systems.

SYMBOLIC MODES

Use who op perm: who = u(user), g(group), o(others), a(all); op = +, -, =; perm = r,w,x,X(special exec),s(setuid/gid),t(sticky).
Example: chmod u+x,g=rw file

OCTAL MODES

Three digits: user/group/other (0-7).
7=rwx(4+2+1), 6=rw-(4+2), 5=r-x(4+1), etc.
Special: 4=setuid, 2=setgid, 1=sticky.
Example: chmod 755 script.sh (rwxr-xr-x)

HISTORY

Originated in early Unix (1971 AT&T Version 1). Evolved through BSD and System V. Standardized in POSIX.1-2001. Coreutils version maintained by GNU since 1990s.

SEE ALSO

chown(1), chgrp(1), umask(1), ls(1), stat(1)

Copied to clipboard