chmod command is used to change access permission of files and directories in Linux operating systems. chmod stands for change mode. Access permissions specifies whether a user account or group can read, write or execute given file and directory.

Syntax

Syntax of chmod command is like below.

Roles

While managing access permission for files and directories we should specify the roles. Permissions are set and bind to the given roles. In Linux following roles exists for access permissions.

• owner specifies the file or directory owners. It can be listed with ls -l command
• group specifies the file or directory group owners. Files and directories group owners can be listed with ls -l
• other specifies all user accounts and groups which means all other world. While giving privilege to this role be cautious.

Access Modes

In Linux there are three access modes. Access modes specifies the way given user or group access to the file or directory.

• read mode specifies reading file or directory.
• write mode specifies writing and changing file or directory
• execute mode specifies executing file

List Permissions

Before starting to change permissions we need to list current roles and permissions about files and directories. We will use ls -lcommand to list permissions. In this example we will list all current working directory file and folders permissions.

We can see that owner user and group is ismail and the first column like --rw-r--r-- shows user, group and other privileges.

• - is user or group bit
• rw- is owner permissions. Here read and write permission given
• r-- is group permission. Only read permission given
• Last r-- is other permission. Only read permission given.

Change User Permission

Now those provided information to understand file and directory permissions is enough. We will change single directory permission in this example. We will change user permission of file named ping.txt . We will use u to specify user. + means add permission. x mean execute permission.

Change Group Permission

We can change a file or directory permission with g option. In this example we will remove group read permission of file ping.txt .

• g used to specify group
• - is used to remove given permission
• r is used to specify read permission

Change Multiple Roles Permissions

We can change in a single chmod command multiple roles permissions. We will just delimit them with a command.

Change Permission Recursively

Changing file and directory permissions one by one is a trivial task. We can use -r option to take effect all sub directories recursively. In the following example we change all given directory named test and its sub directories permissions.

Add Permission

We have already seen but I want to emphasize add permission operation. + between role and permission used to add permission to the given role. In this example we add permission to the user to execute ping.txt

Remove Permission

- between role and permission is used to remove permission for given role. In this example we remove users execute permission from file ping.txt

Copy Permissions From Other File

If we have already set some files permissions we can use this file as a reference point for permission. We can copy given file permissions to the specified file. We will use --reference option and the rerence file name. In this example we will use run file permissions as reference to apply into run2 .

Numeric Permissions

Up to now we have user u , g and o for roles and x , w ,r for permissions. There is another presentation for these. We will use three digits for u ,g , o role specification like 540 . Here 5 is for user , 5 is  for group  for others.

• r value is 1
• w value is 2
• x value is 4

So if we want to give r and w we will sum their numeric values which is 3 .

Here some examples

• x w equal to 6
• r x equal to 5

Using Numeric Values For Chmod

We can use previously explained numeric values for chmod . We will only provide related value to the command. In this example we only want the user read , write and execute permissions and others not.

Give All Permissions To All Roles

We can give all permission to all roles which means user, group and others can read, write and execute. This is very insecure and dangerous action. We will use 777