I wrote this for the Linux keyboard shortcuts and commands page and thought it’s enough to be it’s own post.
Permissions in ls
– < rwx for user > < rwx for group > < rwx for others >
– can be D for directory, L for link, – for files
aaron@ubuntu-test:~$ ls -l file.sh -rwxr-xr-- 1 aaron aaron 0 Oct 23 17:11 file.sh
–rwxr-xr——: user can read write and execute
-rwxr-xr——: group can read and execute
-rwxr-xr——: others can read
Setting Permissions
You can set permissions with chmod < permissions > < filename > .
The chmod command only sets permissions, it can not set the group or owner. Use chown for that.
You can use -R to set permissions recursively.
chmod < permissions > < filename >
There are multiple ways to state the permissions with chmod.
Both methods accomplish the same goal. Use whichever one you find easier.
Symbolic
Symbolic uses characters for the class(es), an operator, and mode(s).
chmod < class > < operator > < mode > < filename >
Classes
u: the user that owns the file
g: the group that owns the file
o: other users not in the classes above
a: all users
(blank): changes will apply to all classes if missing or blank
Operators
+: add mode to classes
–: subtract mode from classes
=: set (replace) mode to classes
Modes
There are a few other modes but these are the most common.
r: read
w: write
x: execute
Symbolic Examples
Set (replace) permissions for user (file owner) to read (no write/execute)
chmod u=r test-file.txt
chmod u=r test-file.txt
Add write permission for user (file owner)
chmod u+w test-file.txt
chmod u+w test-file.txt
Add execute permission for user (file owner) and group
chmod u+x,g+x test-file.txt
chmod u+x,g+x test-file.txt
You could also do it this way.
chmod ug+x test-file.txt
chmod ug+x test-file.txt
Leaving the class blank by using “+x” will add execute to all classes
chmod +x test-file.txt
chmod +x test-file.txt
Numerical
There are 3 (technically 4) digits that represent each class.
This can be confusing because there is no space between the numbers.
Think of 0754 as zero seven five four instead of seven hundred fifty four.
From left to right: 0 user group others
7 for the user
5 for the group
4 for others
The next part requires some math. Each class can have a mode with the maximum value of up to 7. You get this value by adding up each mode’s value.
Mode values
Execute: 1
Write: 2
Read: 4
Let’s start with an easy one. 7 is the maximum value and gives read write execute.
4 (read) + 2 (write) + 1 (execute) = 7 (rwx)
5 is read and execute
4 (read) + 1 (execute) = 5 (wx)
If you only want one mode (usually read), you’d just use that number.
4 (read) = 4 (r)
Note that I didn’t add 0s in that example for the other modes. If you don’t want the mode included leave it out of your math.
Numerical cheat sheet
I’ll never remember those numbers either. Here’s a cheat sheet.
Once you get to 4 you can appreciate why they chose these values.
2 + 2 = 4 but you can’t have write permissions twice. There is no 3 so there’s only one way to get 5.
7: 4 (read) + 2 (write) + 1 (execute) = 7 (rwx)
6: 4 (read) + 2 (write) = 6 (rw)
5: 4 (read) + 1 (execute) = 5 (rx)
4: 4 (read) = 4 (r)
3: 2 (write) + 1 (execute) = 3 (wx)
2: 2 (write) = 2 (w)
1: 1 (execute) = 1 (x)
0: none (—)
Final Value
Once you have your 0-7 digit for each group put them next to each other (don’t add) to get your number.
chmod 754 test-file.txt
chmod 754 test-file.txt
7 (rwx) for the user
5 (rx) for the group
4 (r) for others
