Linux provides a very robust way to manage filesystem permission using Chmod. Chmod is a command-line application. Using chmod, you can grant or revoke access to a file and make a file executable.
Before proceeding any further, let’s understand the difference between what User and Group mean in Linux.
Understand User and Group in Linux
Suppose, you and your siblings use the same desktop and they have different accounts of their own. In that case, both you and your sibling are individual users of that system.
Group means a group of users. For example, If you want to install software, you need to run the install command prefixing sudo. Sudo is defined as a group. If you are removed from the sudo group, you will no longer be able to install any new software. You can imagine a group in Linux as a set of permissions. Every user of a group has the same permission.
How to know about the permissions a file has
To know all the permissions of a file, run the ls -l command in the parent directory. This command lists all the files and directories along with their permissions.
ls -l
# output
total 0
-rw-rw-r-- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
-rw-rw-r-- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file2.txt
-rw-rw-r-- 1 hrishikesh hrishikesh 0 Sep 6 14:05 script.sh
Take a closer look at rw-rw-r-- string. Here the first 3 places represent user permission, the next 3 places represent group permission and the last 3 places represent permission to other users.
All the above file has the same permission. The user and group can read and write the files and others can only read the files.
Add Filesystem Permission in Linux
To add filesystem permission, you should use the + symbol. If you don’t define any user and group, the chmod command defaults to the current user.
| Permission Scope | Notation |
|---|---|
| User | u+ |
| Group | g+ |
| Other | o+ |
Add Read Permission
To add read permission to a user you can use the chmod +r command. If you want to be more verbose, you can use the chmod u+r command.
chmod +r file1.txt
# Checking permission of file1.txt
ls -l
# Output
-r-------- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
Here you can see that only the user can read the file1.txt file.
To give read permission to the group, use the chmod g+r command.
chmod g+r file1.txt
# Checking permission of file1.txt
ls -l
# Output
-r--r----- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
If you compare the permission string with the previous output, you can see a new r is added in the group field. This means users in the group can now read the file1.txt file.
To give read permission to all other users, use the chmod o+r command.
chmod o+r file1.txt
# Checking permission of file1.txt
ls -l
# Output
-r--r--r-- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
Again a new r is added in the other field. This represents that now all user can read the file1.txt file.
| Permission Scope | Command |
|---|---|
| User | chmod u+r |
| Group | chmod g+r |
| Others | chmod o+r |
Add Write permission
Similar to read permission, you need to use the u+w, g+w, and o+w arguments with chmod to give written permission to the user, group, and others respectively. Let’s combine all the arguments and give read permission to all.
chmod ugo+w file1.txt
# checking permission of file1.txt
ls -l
# Output
-rw-rw-rw- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
| Permission Scope | Command |
|---|---|
| User | chmod u+w |
| Group | chmod g+w |
| Others | chmod o+w |
Add Execute Permission
Similar to read and write permission, you can use the +x argument with u, g, or w to permit executing a file.
chmod +x script.sh
## Checking permission
ls -l
# Output
---x--x--x 1 hrishikesh hrishikesh 0 Sep 6 14:05 script.sh
Here you can see, that x is added in the permission string for user, group, and others.
| Permission Scope | Command |
|---|---|
| User | chmod u+x |
| Group | chmod g+x |
| Others | chmod o+x |
Remove Filesystem Permission in Linux
Remove is the opposite to add. Therefore, now you have to add - instead of + to remove permission from a file. To remove all the permissions from a file, you run the following command.
chmod ugo-rwx file1.txt
# Checking the permission
ls -l
# Output
---------- 1 hrishikesh hrishikesh 0 Sep 6 14:05 file1.txt
Remove Read Permission
To remove read permission, you should use the -r argument with u, g, or o.
| Permission Scope | Command |
|---|---|
| User | chmod u-r |
| Group | chmod g-r |
| Others | chmod o-r |
Remove Write Permission
To remove write permission, you should use the -w argument with u, g, or o.
| Permission Scope | Command |
|---|---|
| User | chmod u-w |
| Group | chmod g-w |
| Others | chmod o-w |
Remove Execute Permission
Removing execute permission follows the same pattern.
| Permission Scope | Command |
|---|---|
| User | chmod u-x |
| Group | chmod g-x |
| Others | chmod o-x |
Filesystem Permission using Numbers in Linux
In the above discussion, you will learn that we can add/remove permission for a file or folder using the +, and - symbols with the help of r, w, and x letters.
But is there any shorthand to modify filesystem permission using chmod? The answer is Yes. There are 3 numbers that you can use with chmod to modify file permissions.
| Permission Name | Number |
|---|---|
| Read | 4 |
| Write | 2 |
| Execute | 1 |
| No permission | 0 |
If you want to add some permission, add the respective digits, if you want to remove permission, subtract the digits.
For example, if you want to give read and write permission to the user and group, the command will be chmod 660 file1.txt. Here I added 4+2 which means read+write to give read and write permission to the file1.txt file. If you take a closer look, I have added 3 digits in the chmod command. These 3 digits represent user, group, and other respectively. In the previous command, chmod 660 means, to give read and write permission to the user and revoke all permissions from other users.
If you want to give read, write, and execute permission to all users, groups, and others, the command should be chmod 777. Here I added read+write+execute=7 and repeated 7 three times to represent users, groups, and others respectively.
If you want to remove all the permissions, the command will be chmod 000, which means remove all the permissions from the user, group, and others.
Conclusion
In this blog, You have learned how to modify file and directory permission using chmod. I have demonstrated 2 methods to modify permissions. You can choose either one. If you ask me, I prefer the last one (using digits).
If you learned something new, please share this article on your social media. Drop a mail if you have any queries. Good day.