100 Useful Command-Line Utilities

by Oliver; 2014

17. chmod

From An Introduction to the Command-Line (on Unix-like systems) - chmod: chmod adds or removes permissions from files or directories. In unix there are three spheres of permissions:

u - user
g - group
o - other/world

Everyone with an account on the computer is a unique user (see whoami) and, although you may not realize it, can be part of various groups, such as a particular lab within a university or a team in a company. There are also three types of permission:

r - read
w - write
x - execute

Recall that we can see a file's permissions by listing it:

$ ls -hl myfile

We can mix and match permission types and entities how we like, using a plus sign to grant permissions according to the syntax:

chmod entity+permissiontype

or a minus sign to remove permissions:

chmod entity-permissiontype

E.g.:

$ chmod u+x myfile     # make executable for you
$ chmod g+rxw myfile   # add read write execute permissions for the group
$ chmod go-wx myfile   # remove write execute permissions for the group
                       # and for everyone else (excluding you, the user)

You can also use a for "all of the above", as in:

$ chmod a-rwx myfile   # remove all permissions for you, the group,
		       # and the rest of the world

If you find the above syntax cumbersome, there's a numerical shorthand you can use with chmod. The only three I have memorized are 000, 777, and 755:

$ chmod 000 myfile     # revoke all permissions (---------)
$ chmod 777 myfile     # grant all permissions (rwxrwxrwx)
$ chmod 755 myfile     # reserve write access for the user,
                       # but grant all other permissions (rwxr-xr-x)

Read more about the numeric code here. In general, it's a good practice to allow your files to be writable by you alone, unless you have a compelling reason to share access to them.

<PREV NEXT>