chmod Command Understanding how-to grant file permissions
Chmod command understanding how-to grant file permissions why i said title like that, because chmod command used for changing file mode bits. chmod changes the file mode bits of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new mode bits.
Syntax : chmod <permissions> File / Directory Name
Read More: AWK Tutorial
chmod command Understanding how-to grant file permissions
Let’s Understand the file and directory permissions first so that it makes very easy to go further. File Or Directory permissions we assign in form of User, Group and Others.
For chmod command we use numerical values such as 4 = read, 2 = write and 1 = execute and character representation is r = read, w = write and x =execute.
Numerical Values and there representation
Number | Permission Type | Symbol |
---|---|---|
0 | No Permission | — |
1 | Execute | –x |
2 | Write | –w |
3 | Execute + Write | -wx |
4 | Read | r– |
5 | Read + Execute | r-x |
6 | Read + Write | rw- |
7 | Read + Write + Execute | rwx |
Assigning the permissions using numerical values we always have to use three numbers (User + Group + Others) if you type one or two its not going to work.
1. Revoke all the permissions of file
Using all Zero’s along with chmod will revoke file / directory permissions
chmod 000 techtutorial
2. Provide Execute permissions to Owner + Group + Others
111 numerical value will grant execute permissions to user(owner), group and others to specified file. If you provide same permissions to directory you can enter into directory but you can’t do anything, directory execute permissions means providing the access to enter into directory.
chmod 111 techtutorial
3. Write Permissions to all
222 Write Permissions for Owner, Group members and Others. First 2 assigns write permission for Owner (user), second 2 will assign write permission to Group members and Third 2 assigns write permissions to others.
chmod 222 techtutorial
4. Read Only Permissions to all
Providing Read permissions to Directory means we can list all the files in directory but we can’t enter into directory. Filer read permission can allow us to read the data inside of the file.
chmod 444 samplefile
5. Mixed permissions
Numerical values have to remember what are the permissions already there to Owner, Group Members and Others, because if you would like assign write permissions to group members, do not screw up existing permissions. Numerical values must be three as i said above. If not permissions can’t be proper manner. Let’s see few examples
[root@ArkIT chmod]#ls -l techtutorial -r--r--r--. 1 root root 0 Feb 11 13:46 techtutorial [root@ArkIT chmod]#chmod 464 techtutorial [root@ArkIT chmod]#ls -l techtutorial -r--rw-r--. 1 root root 0 Feb 11 13:46 techtutorial
As per above example, first techtutorial file has read only permissions and you want to assign write permissions to group members, then ultimately you have to remember user(owner) and other permissions. So Owner permissions 4, Group Permissions 6 (including read + write) and others 4 read only permissions
Full permissions to Owner, Group and Others [root@ArkIT chmod]#chmod 777 techtutorial [root@ArkIT chmod]#ls -l techtutorial -rwxrwxrwx. 1 root root 0 Feb 11 13:46 techtutorial Random Permissions [root@ArkIT chmod]#chmod 755 techtutorial [root@ArkIT chmod]#ls -l techtutorial -rwxr-xr-x. 1 root root 0 Feb 11 13:46 techtutorial Full Permissions for Owner and Read + Write for Group and Others [root@ArkIT chmod]#chmod 766 techtutorial [root@ArkIT chmod]#ls -l techtutorial -rwxrw-rw-. 1 root root 0 Feb 11 13:46 techtutorial
Note: Using Numerical values providing permissions to particular section like Owner Or Group Or Others will be difficult, Using Alpha would be flexible in this case, Let’s see few examples using alpha values.
Grant Filer Permissions using Alpha characters
Chracter Symbol | Representation |
---|---|
u | User / Owner |
g | Group |
o | Others |
a | All |
Operator | Description |
---|---|
+ | Adding Permissions to a File / Directory |
– | Removing Permissions from File / Directory |
= | Sets the permissions and overrides permissions set earlier |
The operator + causes the selected file mode bits to be added to the existing file mode bits of each file; – causes them to be removed; and = causes them to be added and causes unmentioned bits to be removed except that a directory’s unmentioned set user and group ID bits are not affected.
Note: No Need of remembering previous File / Directory permissions, simply grant permissions
Grant Read Only Permissions to Owner
Representation of u = User and + (Plus) r = Read permissions
[root@ArkIT chmod]#ls -l techtutorial
----------. 1 root root 0 Feb 11 13:46 techtutorial
[root@ArkIT chmod]#chmod u+r techtutorial
[root@ArkIT chmod]#ls -l techtutorial
-r--------. 1 root root 0 Feb 11 13:46 techtutorial
Write Permissions to Owner
[root@ArkIT chmod]#chmod u+w techtutorial [root@ArkIT chmod]#ls -l techtutorial -rw-------. 1 root root 0 Feb 11 13:46 techtutorial
Granting Permissions to Owner is simple using character based along with chmod command grant file permissions
Random Permissions and There Examples
Assign Read + Write + Execute Permissions for group members
[root@ArkIT chmod]#chmod g+rwx techtutorial [root@ArkIT chmod]#ls -l techtutorial -rw-rwx---. 1 root root 0 Feb 11 13:46 techtutorial
g = Group “+” (Plus) means adding permissions to group rwx (read, write and execute)
As per below example granting permissions to all. Which is equal to chmod 777 fileName
[root@ArkIT chmod]#chmod a+rwx techtutorial [root@ArkIT chmod]#ls -l techtutorial -rwxrwxrwx. 1 root root 0 Feb 11 13:46 techtutorial
Provide permissions to User and Others Read + Write
[root@ArkIT chmod]#chmod uo+rw techtutorial [root@ArkIT chmod]#ls -l techtutorial -rw----rw-. 1 root root 0 Feb 11 13:46 techtutorial
Like wise you can use any combinations to grant permissions to files and directories.
Special Permissions Sticky Bit, SetUID and SetGID
Refer above page for sticky bit permission and its explanation
Throughout the article i did not talked about setUID and setGUID. Where this permissions as you went trough entire article, granting permissions we can also use 4 digits, first digit in four digits is hold sticky bit, setUID and setGUID. Example is shown below grant file permissions
[root@ArkIT chmod]#chmod 7777 techtutorial [root@ArkIT chmod]#ls -l techtutorial -rwsrwsrwt. 1 root root 0 Feb 11 13:46 techtutorial
SPL Permission | Description |
---|---|
1 | Sticky Bit |
2 | SUID Can applied to Files |
4 | SGUID Can applied to files / Directories |
u+s | SUID Can applied to files |
g+s | SGUID Can applied to files / Directories |
t | Sticky Bit Can be applied to Files |
Granting Sticky Bit to Particular File using chmod
Along with chmod command numerical value 1 will grant sticky bit to file. Restricted deletion flag or sticky bit (t) grant file permissions
[root@ArkIT chmod]#chmod 1455 sample [root@ArkIT chmod]#ls -l sample -r--r-xr-t. 1 root root 0 Feb 11 20:02 sample
Assign SUID to a File
What is SUID..?
When an executable file runs, it runs under the ownership of the user who has executed it. It means that when admin user runs “ls” command, then the corresponding process will run under the ownership of admin user. The SUID bit, also known as Set User ID bit, overwrites this behavior. If SUID bit is set on a program, then that program will run as the owner of that file, irrespective of who is executing it. grant file permissions
[root@ArkIT chmod]#chmod 4455 sample [root@ArkIT chmod]#ls -l sample -r-Sr-xr-x. 1 root root 0 Feb 11 20:02 sample [root@ArkIT chmod]#touch sample1 [root@ArkIT chmod]#chmod u+s sample1 [root@ArkIT chmod]#ls -l sample1 -rwSr--r--. 1 root root 0 Feb 11 20:10 sample1
Set SGID To File and Directory Using chmod command
On File
For file, it has similar meaning as the SUID bit, example when any user executes a file with SGID bit set on it, it will always be executed with the group ownership of that file, irrespective of who is running it.
On Directories
When SGID bit is set on a directory, all the files and directory created within it has the group ownership of the group associated with that directory. It means that after setting SGID bit on /Project1 directory, all the files and directories being created in this directory will have the group ownership of “Project1” group. grant file permissions
[root@ArkIT chmod]#chmod 2744 sample [root@ArkIT chmod]#ls -l sample -rwxr-Sr--. 1 root root 0 Feb 11 20:18 sample [root@ArkIT chmod]#chmod g+s sample1 [root@ArkIT chmod]#ls -l sample1 -rw-r-Sr--. 1 root root 0 Feb 11 20:18 sample1
Conclusion :
chmod command can be used to grant file permissions and also used for granting special permissions to files / directories. I tried to explain all the possible ways to use chmod.
Related Articles
10 top command practical examples
ps command in Linux explained in detailed
Thanks for your wonderful Support and Encouragement