Change permissions with chmod

Last revision August 3, 2004

Table of Contents: The Unix file system The directory tree File ownership and permissions chmod Access Control Lists Files as units Examining file contents Other commands Standard Files and Data Pipes

The chmod command is used to change the permission settings on a file or directory. Its syntax is:

chmod permission filename(s)

Multiple filenames can be specified in one command and permissions for all will be changed at once. Also, an entire directory tree (a directory and all its files and subdirectories, and all their files and subdirectories, recursively) can be changed at once using the -R option as the first argument, listed before the permission or filename arguments. See the on-line manual entry for details.

The permission argument can take two forms:

• Permissions can be specified in a relative form that only changes (adds or deletes) for particular accounts (user, group, or other). This form is easier for novices to use because it uses mnemonic letters, not digits, to represent the groups and permissions.

  Relative form syntax of the permission argument is
       [ugoa]+-[rwx]

  Here you pick one or more items from each list enclosed in brackets (you do not type the brackets), separated by either the plus or minus sign (not both).

  The first item represents the accounts that you will affect:
       u - affect permission for user (owner)
       g - affect permission for group
       o - affect permission for others
       a - affect permission for all accounts.

  Next, you give a plus sign if you are adding permission, and a minus sign
  if you are taking away permission

  The final item represents the type of permission that you will affect:
       r - read permission
       w - write permission
       x - execute permission

  You can specify a second plus or minus sign with appropriate permission in one argument, for example, og-w+r

  Examples using this relative form of permission argument:
        chmod go-rw filename
       for text files that you want no one else to read or write.
        chmod go-w filename
       for text files that others can read, but not write.
        chmod go-w+x filename
       for executable programs that others can execute, but not write.
        chmod a-w+r filename
       for text files that no one, including yourself, can write (or delete), but all can read.

• Or, permissions can be specified in an absolute form that gives a three-digit octal number which resets permissions completely and exactly, rather than relative to their current settings. In this case, the first digit gives the user permission, the second digit the group permission and the third digit the other permission. The value of any digit can be a 0 for no permission at all, a 4 for read permission only, a 6 for read and write permissions, a 5 for read and execute only, and a 7 for read, write, and execute (all permissions). These values arise from adding up the base-2 values of bits that are on in the permission setting byte. Examples:

  chmod 600 filename

  for text files that you want no one else to read or write.

  chmod 644 filename

  for text files that others can read, but not write.

  chmod 755 filename

  for executable programs that others can execute, but not write.

  chmod 444 filename

  for text files that no one, including yourself, can write (or delete), but all can read.

<--Previous

Overview

Next-->