With Bash you can modify the access mode of permissions of a file or directory. Unix system also has special permissions: SUID, SGID, and sticky bit. You can learn more in Special permissions.
Basic command
The chmod command in Bash allows the owner of a file or directory to change its permissions.
Check permissions
While using ls -l command which displays the long format of the files, including file permissions, here the first column represents different access modes, i.e. permission associate with a file or a directory:
-rwxr-xr-- 1 amrood users 1024 Nov 2 00:10 myfile
- The first character defines the file type, a file is represented with
-, whereas a directory is with a letterd. In this case the permissions start with-, which indicates it is a file. - The permissions are broken into groups of three, each representing the permissions for a specific category of users in order: owner, group, and others.
- Each position in the group denotes a specific permission in this order: read (r), write (w), execute (x),
-suggests no permission.
In this example, the permission is divided into three groups:
- owner(u):
rwx - group(g):
r-x - others(o):
r--
Which suggests that the owner has all read, write, and execute permissions, the group has read and execute permissions, and the others only has read permission.
In this example, the permissions start with a letter d, which suggests this is a directory.
drwxr-xr-- 1 amrood users 1024 Nov 2 00:10 mydir
Change permissions (chmod)
Change permissions or change modes, you use the chmod command. There are two ways to use chmod: symbolic mode and the absolute mode.
Each category of users are represented as: owner(u), group(g), and others(o).
Symbolic mode
+Adds the designated permission(s) to a file or directory-Removes the designated permission(s) from a file or directory=Sets the designated permission(s) Consider the following example:
-rwxrwxr-- 1 amrood users 1024 Nov 2 00:10 testfile
Add permission
chmod o+wx testfile.sh
ls -l-rwxrwxrwx 1 amrood users 1024 Nov 2 00:10 testfile
The o+wx command adds the write and execute permissions to the others category.
Remove permission
chmod u-x testfile.sh
ls -l-rw-rwxrwx 1 amrood users 1024 Nov 2 00:10 testfile
The u-x removes the execute permission from the owner.
Set permission
chmod g = rx testfile.sh
ls -l-rw-r-xrwx 1 amrood users 1024 Nov 2 00:10 testfile
The g = rxcommand sets group to have read and execute permissions.
All together
You can combine these commands on a single line.
chmod o+wx,u-x,g = rx testfile.sh
ls -l-rw-r-xrwx 1 amrood users 1024 Nov 2 00:10 testfile
Absolute mode
In absolute mode, we use number to specify each set of permissions for the file. Each permission is assigned with a value, as the following table shows.
| Value | Description | Ref |
|---|---|---|
| 0 | No permission | --- |
| 1 | Execute permission | —x |
| 2 | Write permission | -w- |
| 3 | Execute and write permission: 1 (execute) + 2 (write) = 3 | -wx |
| 4 | Read permission | r— |
| 5 | Read and execute permission: 4 (read) + 1 (execute) = 5 | r-x |
| 6 | Read and write permission: 4 (read) + 2 (write) = 6 | rw- |
| 7 | All permissions: 4 (read) + 2 (write) + 1 (execute) = 7 | rwx |
Consider the following example:
-rwxrwxr-- 1 amrood users 1024 Nov 2 00:10 testfile
Example
chmod 755 testfile
ls -l -rwxr-xr-x 1 amrood users 1024 Nov 2 00:10 testfile
The chmod 755 command sets 7 to owner, 5 to group, and 5 to the others.
Where 7 corresponds to All permissions to owner which is read, write, execute permissions.
5 corresponds to read and execute permissions to the group.
The last 5 corresponds to read and execute permissions to the others.