Change File and Directory Permissions in Linux – Terminal Commands

This entry is part 8 of 8 in the series Network Admin in SSH

Change File and DIrectory Permissions in Linux - Terminal CommandsSo last time, we talked about the concepts of File and Directory permissions and means to view them using terminal command ls -l. But one thing, that is yet to explain, is the ways to modify the permissions and ownership information.

As you have guessed, in this part we are going to look into chown, chgrp and chmod commands to see how exactly we are supposed to perform permission related operations.

#1: Modifying the Ownership of a file:

The superuser can modify the ownership information of a file, ie, s/he can change the User and Group owner of a file. The commands to use are chown and chgrp respectively.

#1.1: Modifying Owner User using chown:

The synopsis is to use the command followed by the username or ID of the new owner followed by the file path.

chown user_name file

The command above should change the owner of the file to user_name. We can also combine owner group with the user_name using a colon (:), in order to change the Owner group in a single shot. The command would be:

chown user_name:user_group file

To recursively apply the new owner information on all subdirectories and files of a directory, we use it with -R parameter.

chown -R user:group dir

#1.2: Modifying Owner Group using chgrp:

This is used just to change the group of a file.

chgrp group_name file

Similarly for recursive operation, we would use:

chgrp -R group_name dir

#2: Change file and directory permissions:

To modify file permissions, we use chmod. The owner User of the file or the superuser can execute this command.

chmod has two modes of operations, symbolic mode and numeric mode. We shall see the two modes separately. But before we do, let us quickly revise the operations and their symbolic and octal representation.

#2.0: Representation of Operations:

The possible permissions are obviously Read, Write and Execute. Their representation and effects (for a quick revision) are as follows:

Operations Representations Effects on
Symbolic Octal Files Directories
Read r 4 Affected users can Read the file. Affected users can list the files within the directory.
Write w 2 Affected users can modify the file. Affected users can create, rename or delete files inside the directory and modify the directory’s attributes.So, if a file has Write bit set, then we can only edit that file, but we will be able to rename or delete it, only if the parent directory has write permission.
Execute x 1 The file can be executed by the affected users. For example a script or an application file. Affected users can enter the directory and access files and directories inside.Note that, a directory must have both Read and Execute permission in order to let proper access to all the files inside it. With just execute permission, the affected users can access the directory, but can not list files within it.
No Permission 0 None of the above operations can be performed by the affected users.

#2.1: Symbolic mode:

The synopsis of symbolic mode is:

chmod [OPTION] ... MODE[,MODE]... FILE...

The mode is decided by the following sequence:

  1. First we decide the Ownership for which we will be changing the mode. It can be User(u), Group(g), Others (o). We can also refer to multiple Owners by concatenating corresponding symbols (ug for User and Group, go for Group and Other etc).
  2. Next, we decide the operation.
    1. To add permissions we use +.
    2. To remove permissions we use -.
    3. To make a new permission altogether, we use =.
  3. The last one is to decide the permissions. Basically, we use the symbolic representation of the permissions.
    1. For Read we use r.
    2. For Write we use w.
    3. For Execute we use x.

It might sound a but tricky at the beginning, but once you get a hold of it becomes easier to remember.

Examples:

Command Explanation
 

chmod u+x file1
 Add the Execute permission for the Owner User.
 

chmod o+rwx file1
 Add the Read, Write and Execute for the Other.
 

chmod g=rx file1
 Set permission to Read and Execute for the Group.
 

chmod ug=rwx,o=rx file1
 Set Read, Write, Execute for User and Group and Read and Execute for Other.
 

chmod g+x,o-x file1
 Add Execute to Group, Remove Execute from Other.
 

chmod a=rwx file1
 Pretty simple, aren’t they? Here, file1 is basically the name of the file to which we are performing the operation.

#2.2: Numeric (Octal) Mode:

The synopsis is:

chmod [OPTION] ... OCTAL-MODE FILE ...

Where OCTAL-MODE is basically a 3 digit octal number which corresponds the permissions.

  1. The first digit is the summation of all permissions for User.
  2. The second digit is the summation of all permissions for the Group.
  3. The third is the same for Other.

So, how do we calculate the summation of the permissions? Yes, as you might have guessed, it is just the summation of the Octal representation of the operations. So, the octal digit 7 (4+2+1), would mean Read, Write and Execute. Similarly (2+1) 3 would mean, Write and Execute. Here is a list for your quick reference.

Octal Number Breakdown Symbolic Equivalence
7 4 + 2 + 1
rwx
6 4 + 2
rw-
5 4 + 1
r-x
4 4
r--
3 2 + 1
-wx
2 2
-w-
1 1
--x
0 0
---

Once decided, we pile up the permission bits in the order mentioned before (User, Group, Other). So a permission bit 640 would mean

rw- r-- ---

Examples:

Command Explanation
chmod 740 file1
 Add the permissions:

rwx r-- ---
chmod 664 file1
Add the permissions:

rw- rw- r--
chmod 640 file1
Add the permissions:

rw- r-- ---

#2.3: Parameters:

The most useful parameters are:

  1. -R : To apply changes recursively to a directory.
  2. -v : Verbose, ie, to state what it is doing at each step.
chmod -Rv a=rwx dir1

#3: Modifying the sticky bit of a directory:

Remember the concept of sticky bit we talked about in the last tutorial? We have seen how to view the sticky bit and it shows up as an additional character “t” if a directory has a sticky bit. Now to set it, we can do one of the followings. Please note that, sticky bit does not correspond to any particular Owner, rather it is a characteristics bit of the directory itself.

#3.1: Using Symbolic Mode:

The symbol to use here is t. So an example would be:

chmod +t dir

To add sticky bit to the directory named dir.

#3.2: Using Numeric (Octal) Mode:

We have to add an extra number 1 before the permission digit. So an example would be:

chmod 1773 dir

Conclusion:

So that was the end of Files and Directory permissions. If you have read and understand the two tutorials, then you would never find yourself lost when dealing with such things. If you do feel however, then you know where to ask.