Permission basics

• Three classes: u (owner/user), g (group), o (others). a = u+g+o.
• Three permission types: r (read), w (write), x (execute).
• Permissions can be shown with ls -l (e.g., -rwxr-xr–).

Two common ways to use chmod

1. Symbolic mode (human-readable)

• Add a permission:
  chmod u+x script.sh # give owner execute

• Remove a permission:
  chmod g-w file.txt # remove write for group

• Set exact permissions for classes:
  chmod u=rwx,g=rx,o=r file

• Apply to all (a) or multiple classes:
  chmod a+x /usr/local/bin/tool
chmod ug+rw somefile


2. Numeric (octal) mode (compact)

• Each class uses a digit: read=4, write=2, execute=1; sum them.
  • 7 = rwx, 6 = rw-, 5 = r-x, 4 = r–, 0 = —
• Format: chmod [owner][group][others]
  chmod 755 script.sh # owner rwx (7), group r-x (5), others r-x (5)
chmod 644 file.txt # owner rw-, group r--, others r--
chmod 700 secret.sh # only owner has all permissions


Recursive and special options

• Recursive (apply to directory and contents):
  chmod -R 755 /path/to/dir

• Preserve symbolic links note: chmod -R follows links on some systems; be careful.
• Setuid, setgid, sticky bits (special):
  • setuid (4xxx): run as file owner:
    chmod 4755 /usr/bin/someprog

  • setgid (2xxx):
    chmod 2755 /some/dir

  • sticky (1xxx) typically on shared dirs (e.g., /tmp):
    chmod 1777 /tmp


Examples:

• Make a script executable for owner only:
  chmod u+x myscript.sh

• Make a web directory readable by everyone:
  chmod -R 755 /var/www/html

• Make a file readable/writable only by owner:
  chmod 600 secret.key

• Add execute for owner and group:
  chmod ug+x build.sh


Checking results:

• Use ls -l to verify:
  ls -l myscript.sh
-rwxr--r-- 1 you you 123 Dec 5 12:00 myscript.sh


Common tips:

• Use symbolic mode for incremental changes (safer to avoid overwriting unintended bits).
• Use numeric mode for setting exact permissions quickly.
• Be cautious with chmod -R on system directories; incorrect permissions can break services.