kazmax - Home Server on Linux

Change of access right (permission) - chmod

Use the chmod command to change file and directory permissions.

The chmod command has two modes: symbolic mode and numeric mode. In symbolic mode, access rights can be added, deleted, and specified. In the numeric mode, the input of the option part of the command is shortened, but it can only be fixed to the specified access right.

Last Update : January 07, 2020

Change of access right (permission) - chmod

  1. Example of using the symbolic mode and numeric mode
  2. How to Use the chmod Command
  3. Explanation of symbols in symbolic mode
  4. Explanation of numeric mode

1. Example of using the symbolic mode and numeric mode

This is an example of use in symbolic mode and numeric mode. Detailed usage will be described later.

Numeric mode

Permission set to 755.
$ chmod 755 test.txt
$ ls -l
total 4
-rwxr-xr-x 1 test_user test_user 7 Jan  7 21:49 test.txt


Symbolic mode

Add write permission to "group".
$ chmod g+w test.txt
$ ls -l
total 4
-rwxrwxr-x 1 test_user test_user 7 Jan  7 21:49 test.txt


Remove "execute" permission from "group" and "other" permissions.
$ chmod go-x test.txt
$ ls -l
total 4
-rwxrw-r-- 1 test_user test_user 7 Jan  7 21:49 test.txt

2. How to Use the chmod Command

Usage

chmod [options] mode file...

Useful options

OPTIONS Meaning
-v, --verbose Displays in detail the actions that have been or have not been changed for all files.
-R, --recursive Recursively change permissions on directories and what they contain.
# chmod -v 644 test.txt
mode of `test.txt' retained as 0644 (rw-r--r--) ← output a diagnostic for every file processed.

mode

Specify permissions in mode. The details of "mode" are described in the next section.

3. Explanation of symbols in symbolic mode

In symbols mode, the "mode" part of the chmod format is described by the following symbols.

[ugoa...][[+-=][rwxXstugo...]...][,...]

For example,

chmod g+w file.txt

Write as this.

When specifying permissions in symbolic mode, they begin with one of "u, g, o, a". "u, g, o, a" specifies the target whose access authority is to be changed.

The meaning of the symbols is as follows.

Symbol Meaning
u Owner
g Owning group
o Other accounts that are neither the owner nor the owning group.
a All meaning. It means that u, g, o are all selected.
If omitted "u, g, o, a" can be omitted. In that case, "a" is designated.

Next, specify +,-, =. These operators have the following meaning.

Symbol Meaning
+ Add selected permissions.
- Remove selected permissions.
= Make the selected access right.

Finally, specify the access rights.

Symbol Meaning
r read
w write
x execute (or search for directories)

Notes

As for access authority, I think that you use rwx often, but there are other things like the following.

Symbol Meaning
X If the execution right is set for the owner, group, or any other, add (delete) the execution right.
s Set User ID, Set Group ID.(Explain on another page)
t sticky bit.(Explain on another page)
u Represents the access rights set for the owner part. For example, g + u adds the same permissions to the group as the owner.
g The access rights set for the group part.
o The access rights set for the other parts.

Specify multiple changes at once

You can also specify access rights at once, separated by commas.

For example,

chmod g+r,o+r test.txt

* There must be no space after the ",".

You can also specify rwx for g.

chmod g+rwx test.txt

Convenient because you can set multiple access permissions at once.

4. Explanation of numerical mode

Numerical mode is simpler than symbolic mode and allows you to set permissions for specified numbers.

How to make numbers is also explained in "Symbolic notation and numerical notation of access right (permission)".

Numeric Meaning
1000 sticky bit
2000 Set Group ID
4000 Set User ID
100 Owner execute
200 Owner write
400 Owner read
10 Owning group execute
20 Owning group write
40 Owning group read
1 Other accounts execute
2 Other accounts write
4 Other accounts read

You can calculate the number that should be assigned to a mode by adding the number representing the desired authority.

For example, if the owner needs execute, write, and read, and the group needs read, and other needs read permissions,
100 + 200 + 400 + 40 + 4 = 744
become.

chmod 744 test.txt

Will set permissions such as execute, write, read for owner + read for group + read for others.

File and Directory permission management Related Article