On Linux and other Unix-like operating systems, there is a set of rules for each file which defines who can access that file, and how they can access it. These rules are called file permissions or file modes. The command name chmod stands for “change mode“.
“chmod” command is used to change file/directory mode bits or permissions.
File System Permissions :
Most file system have methods to assign permissions or access rights to specific users and group of users. These permissions control the ability of the users to view, change, navigate, and execute the contents of the file system. Two types of permissions are very widely used Traditional Unix permissions and Access Control Lists (ACLs).
Traditional Unix Permissions :
Permissions on Unix like systems are managed in three distinct classes. These classes are known as user, group, and others. Only the owner of a file or the super-user is permitted to change the mode of a file.
- The read permission (r) : grants the ability to read a file. When set for a directory, this permission grants the ability to read the names of files in the directory, but not to find out any further information about them such as contents, file type, size, ownership, permissions.
- The write Permission (w) : grants the ability to modify a file. When set for a directory, this permission grants the ability to modify entries in the directory, which includes creating files, deleting files, and renaming files. Note that this requires that execute is also set; without it, the write permission is meaningless for directories.
- The execute permission (x) :grants the ability to execute a file. This permission must be set for executable programs, in order to allow the operating system to run them. When set for a directory, the execute permission is interpreted as the search permission: it grants the ability to access file contents and meta-information if its name is known, but not list files inside the directory, unless read is set.
Symbolic Notation of Permissions :
Numeric Notation of Permissions :
To understand the numeric notations of permissions , it is necessary to understand decimal – binary conversions or vice – versa. Let’s go through some basic knowledge about Decimal to binary conversions.
Unix permissions is an octal (base-8) notation, this notation consists of at least three digits. Each of the three rightmost digits represents a different component of the permissions: owner, group, and others.
Each of these digits is the sum of its component bits in the Binary numeral system. As a result, specific bits add to the sum as it is represented by a numeral:
- The read bit adds 4 to its total (in binary 100)
- The write bit adds 2 to its total (in binary 010)
- The execute bit adds 1 to its total (in binary 001).
Now lets take an example to understand permissions better , here we will explain about permission 755
Some permissions with their meanings :
Using Chmod Permissions in terminal
Open your terminal and now try to view permissions of your files and directories using the following command :
$ ls - lahrt
First character is
d, d indicates a directory, a line represents a file, l is a symlink (or soft link) – special type of file.
You can view permissions of all files and directories
Lets a create a file “permission_file”
$ touch permission_file
Now write something in the file.
$ echo "this is permission test file" > permission_file
View permission of your file
$ ls - lahrt
User of the file has read and write permissions, group has only read permissions and others also have only read permission. None of them have execute permission. Numeric notations for -rw-r–r– permissions will be 644 .
Let’s give all permissions to owner, group and others
$ chmod 777 permission_file
View the permissions now it has changed, all the three owner, group and others have all permissions to read, write and execute.
Now we will take back all permissions from owner, group and others
$ chmod 000 permission_file
when you view the permissions now it shows no permission to any class , you can try viewing your file using command :
$ cat permission_file
Permission is denied, because right now it does not have read permissions. Also you can neither write nor execute because it’s not having any permissions.
Using different numeric notations you can change permissions of user, group and others.