Categories
Tech

Permissions in Linux

More than you probably want to know about chmod.

I wrote this for the Linux keyboard shortcuts and commands page and thought it’s enough to be it’s own post.

Permissions in ls

– < rwx for user > < rwx for group > < rwx for others >
– can be D for directory, L for link, – for files

aaron@ubuntu-test:~$ ls -l file.sh
-rwxr-xr-- 1 aaron aaron 0 Oct 23 17:11 file.sh

rwxr-xr——: user can read write and execute
-rwxr-xr——: group can read and execute
-rwxr-xr——: others can read

Setting Permissions

You can set permissions with chmod < permissions > < filename > .
The chmod command only sets permissions, it can not set the group or owner. Use chown for that.
You can use -R to set permissions recursively.

chmod < permissions > < filename >

There are multiple ways to state the permissions with chmod.
Both methods accomplish the same goal. Use whichever one you find easier.

Symbolic

Symbolic uses characters for the class(es), an operator, and mode(s).
chmod < class > < operator > < mode > < filename >

Classes

u: the user that owns the file
g: the group that owns the file
o: other users not in the classes above
a: all users
(blank): changes will apply to all classes if missing or blank

Operators

+: add mode to classes
: subtract mode from classes
=: set (replace) mode to classes

Modes

There are a few other modes but these are the most common.
r: read
w: write
x: execute

Symbolic Examples

Set (replace) permissions for user (file owner) to read (no write/execute)
chmod u=r test-file.txt

chmod u=r test-file.txt

Add write permission for user (file owner)
chmod u+w test-file.txt

chmod u+w test-file.txt

Add execute permission for user (file owner) and group
chmod u+x,g+x test-file.txt

chmod u+x,g+x test-file.txt

You could also do it this way.
chmod ug+x test-file.txt

chmod ug+x test-file.txt

Leaving the class blank by using “+x” will add execute to all classes
chmod +x test-file.txt

chmod +x test-file.txt

Numerical

There are 3 (technically 4) digits that represent each class.
This can be confusing because there is no space between the numbers.
Think of 0754 as zero seven five four instead of seven hundred fifty four.
From left to right: 0 user group others
7 for the user
5 for the group
4 for others

The next part requires some math. Each class can have a mode with the maximum value of up to 7. You get this value by adding up each mode’s value.

Mode values

Execute: 1
Write: 2
Read: 4

Let’s start with an easy one. 7 is the maximum value and gives read write execute.
4 (read) + 2 (write) + 1 (execute) = 7 (rwx)

5 is read and execute
4 (read) + 1 (execute) = 5 (wx)

If you only want one mode (usually read), you’d just use that number.
4 (read) = 4 (r)

Note that I didn’t add 0s in that example for the other modes. If you don’t want the mode included leave it out of your math.
Feel free to fight about if those 0 values are actually there or not, nobody cares.

Numerical cheat sheet

I’ll never remember those numbers either. Here’s a cheat sheet.
Once you get to 4 you can appreciate why they chose these values.
2 + 2 = 4 but you can’t have write permissions twice. There is no 3 so there’s only one way to get 5.
7: 4 (read) + 2 (write) + 1 (execute) = 7 (rwx)
6: 4 (read) + 2 (write) = 6 (rw)
5: 4 (read) + 1 (execute) = 5 (rx)
4: 4 (read) = 4 (r)
3: 2 (write) + 1 (execute) = 3 (wx)
2: 2 (write) = 2 (w)
1: 1 (execute) = 1 (x)
0: none (—)

Final Value

Once you have your 0-7 digit for each group put them next to each other (don’t add) to get your number.
chmod 754 test-file.txt

chmod 754 test-file.txt

7 (rwx) for the user
5 (rx) for the group
4 (r) for others

Leave a Reply

Your email address will not be published. Required fields are marked *