chmod Command in Linux - Syntax, Options, Examples
chmod Command in Linux - Syntax, Options, Examples
com/kb/chmod-command
The chmod (change mode) command modifies file and directory permissions in Linux. It sets who can read, write,
or execute a file or search a directory, based on defined permission rules.
Every file and directory in Linux has three types of permissions: read (r), write (w), and execute (x), assigned to three
categories of users: owner, group, and others. The chmod command changes these permissions using either symbols
or numbers to control access.
This tutorial will explain how chmod works, its syntax, options, modes, and how to use the tool.
Prerequisites
• Linux system.
• Access to the terminal.
• User account with sudo or root permissions (in some cases).
Option Description
Applies permission changes recursively to all files and
-R subdirectories.
Outputs a diagnostic message, but only for files that were
-v changed.
Outputs a diagnostic message but only for files that were
-c changed.
-f Suppresses most error messages.
--reference=RFILE Sets permissions to match those of a reference file.
Allows recursive changes on the root directory (/) if
--no-preserve-root
explicitly specified.
The default behavior, which prevents recursive operations
--preserve-root on /.
--help Displays help information for the command.
--version Shows the version of chmod.
The table below shows common symbolic modes, their numeric equivalents, and what they mean in terms of access:
Note: For setuid, setgid, and sticky bit modes, replace ### with the usual three-digit
permission. For example, 4755, 2755, or 1777.
chmod Examples
The chmod command allows users to change permissions for files and directories. By setting specific permissions, you
control who can read, write, or execute a file.
To show the practical chmod command usage, create sample files and directories. Take the following steps:
1. Use touch to create three files called file1, file2, and file3:
The command has no output but creates these files in the Home directory.
2. Run mkdir to create two directories: dir2 and dir2.
ls Copy
The output shows all three files (in white) and two directories (in blue) created in the Home directory.
3. Create file4 and file5 inside those directories:
4. Verify file and directory permissions with the ls -l command. The general output looks like this:
In this case, the output shows all regular files and directories have read and write permissions for the owner and the
group and read-only permissions for others. It also shows that the number of hard links is one and that the size of said
files is zero.
The date, file, and directory names are also visible.
The following text covers common chmod usage examples and explains how symbolic and numeric modes work in
practice.
Symbolic Mode Examples
Symbolic mode is useful for specifying permissions for the user (owner), group, and others using symbolic letters and
operators (+, -, =). For example, use chmod in symbolic mode to:
• Grant execute permission to the file owner:
This command adds execute permission for the user (file owner) of file1. There is no output. Therefore, verify the
change with:
ls -l file1 Copy
The output shows the owner now has execute permissions (x), in addition to read and write permissions, as opposed to
the original setup (rw).
• Remove write permission for the group:
This removes the write permission for the group on file2, leaving other permissions intact.
To verify, run:
ls -l file2 Copy
The output indicates the group is missing write permissions (w) and has only read permissions.
• Grant read and write permissions to others:
This grants read and write permissions to others while leaving the owner's and group's permissions unchanged.
Verify with:
ls -l file3 Copy
The command sets read and write permissions for the owner and read-only permissions for the group and others
To verify, run this command:
ls -l file1 Copy
Verify with:
ls -l file1 Copy
This command recursively applies 755 permissions to all files and directories within dir1. In this case, the owner gets
full access (rwx), while the group and others get read and execute permissions (r-x).
Verify with:
The output shows the updated permissions for all files and directories within dir1.
Special Permission Example
Special permissions, like the Set-User-ID (SUID) and Set-Group-ID (SGID) bits, allow a file to be executed with the
permissions of the file's owner or group, rather than the permissions of the user running the command. These
permissions are mainly used to enhance security and control access to certain system resources.
The following example shows how to set the Set-User-ID (SUID) Bit. SUID allows a file to be executed with the file
owner's privileges, even if the user executing the file does not have those permissions.
This is often useful for files that require elevated privileges. For example, run the following:
This command affects /usr/local/bin/my_test_file, a file that requires elevated permissions. Therefore, sudo is used.
The command grants execute permissions with the file owner's privileges (usually root). Therefore, when a user
accesses the file, they do so with root privileges, even if they are not the root user.
To verify the SUID has been set, run:
ls -l /usr/local/bin/my_test_file Copy
The output verifies the file in question exists, requires root permissions, and provides a complete set of instructions for
setting the SUID bit.
To reverse the SUID bit settings, run:
This command removes the special permission, ensuring the file no longer runs with the file owner's privileges.
Conclusion
This tutorial explained the chmod command and how it works. It also touched upon its syntax, options, and modes.
The text also described different use case examples for the chmod command.
Next, learn about the chown command to change the ownership of a file or directory. Unlike chmod, which modifies
file permissions, chown focuses on changing the ownership of a file or directory.