This tutorial explains chmod command symbolic notation (r, w, x, a) and octal notation (0, 1, 2, 4) in detail with chmod command arguments and options. Learn how chmod command is used to manage Linux permission levels (user, group and other) and types (read, write and execute) step by step with practical examples.
Permission levels and types
Each file and directory has three permission levels (user, group and other) and three types of permission (read, write and execute) in each level. These levels and types define who can do what with a particular object (file or directory). Permission levels and types are always mapped in following sequence.
User (Read, Write, Execute), Group (Read, Write, Execute) and Other (Read, Write, Execute)
This tutorial is the second part of our article “Learn how to manage file permission in Linux step by step with examples”. You can read other parts of this article here.
This tutorial is the first part of this article. It explains how to read the Linux file permission step by step with examples.
This tutorial is the third part of this article. It explains how to change the default umask permission temporary and permanently.
This tutorial is the last part of this article. It explains how to set immutable or sticky bit in Linux including how to set append attribute.
At shell prompt, symbols are used for permission levels and types instead of their full name. Following table explains relationship between permission levels and types with associated symbols.
If a hyphen sign is used in any type field then that level does not have that type of permission.
To view, what permission type is set in each permission level; the ls –l command is used.
|Object||User permission||group permission||other permission|
|test-dir||read, write and execute||read and execute||read and execute|
|test-file||read and write||read||read|
To learn more about how to read linux file permission, see the first part of this tutorial.
Chmod command explained
The chmod command is used to modify the permission types for files and directories. It works identically for both files and directories. It means same command is used to update the permission types for both files and directories.
Chmod command accepts arguments in two notations; symbolic and octal. In symbolic notation arguments are supplied in symbolic form while in octal notation arguments are supplied in octal form.
Chmod command symbolic notation
In symbolic notation following syntax is used.
#chmod [permission level] [+/-] [permission type] object
In above command: –
chmod: – This is the main command.
[permission level]: – The permission level (user, group or other) which we want to update.
[+/-] :- The plus (+)sign is used to add the permission while the minus (-)sign is used to remove the permission.
[permission type]: – The permission type (read, write or execute ) which we want to update.
object: – The object which permission type we want to update.
Chmod command practical example
Create a test file named test-file and note down its default permission.
Now run following commands to see how chmod command changes permission type in supplied level (as first argument).
|chmod u+x test-file||Add execute permission for user on test-file|
|chmod g+wx test-file||Add write and execute permission for group on test-file|
|chmod o+wx test-file||Add write and execute permission for other on test-file|
|chmod o-rwx test-file||Remove read, write and execute permission for other on test-file|
|chmod g-rwx test-file||Remove read, write and execute permission for group on test-file|
|chmod o-rwx test-file||Remove read, write and execute permission for user on test-file|
To verify the effect, use ls –l command after of each command.
Following figure illustrates above commands.
To specify the multiple combinations of permission levels and types, use comma (,) to separate each combination from other.
For example, following command uses two combinations; first adds write permission for group while second removes execute permission for other.
#chmod w+g,x-o test-file
Let’s take one more example. Add read, write and execute permission for user, read and write permission for group and execute permission for other.
If permission level is omitted, permission type will be changed for all three levels.
For example, in following command read permission will be added for all three levels; user, group and other.
#chmod +r test-file
Above command should not be used to update the permission types on all levels. If we want to update the same permission
types on all three levels then we should use letter a (symbol of all) to represent all permission levels.
Following command shows the correct way to use above command.
#chmod a+r test-file
Let’s test both ways to update all permissions.
As we can see in above output, when we omitted permission level, it did not work as excepted.
It skipped write permission for group and other in both cases; add and remove.
But when we used letter a (which stands for user, group and other collectively) in permission level field, it worked as excepted. It updated all permission types correctly for all permission levels.
When we omit permission level, chmod command updates permission types on all levels excluding umask bits which have value except zero.
Before we understand this concept in more detail, let’s understand how chmod command works in octal notation.
Chmod command octal notation
In octal notation we use numbers instead of symbols for permission types. This notation assigns a unique number to each permission type.
|Permission Type||Symbolic Value||Octal Value||Permission on file||Permission on directory|
|Read||r||4||Can read the file||Can list the directory|
|write||w||2||Can write in file||Can create new file or directory in directory.|
|Execute||x||1||Can execute the file||Can navigate through the directory|
|No permission||–||0||Cannot do anything||Cannot do anything|
Unlike symbolic notation where three fields are available in each level, in octal notation there is only one field available in each level.
To update multiple permission types, we have to sum all octal values.
|Symbolic notation||Octal notation||Permission Type|
|rw||6 (4+2)||Read and write permission|
|rwx||7 (4+2+1)||Read, write and execute permission|
|r-x||5 (4+0+1)||Read and execute permission|
|r–||4 (4+0+0)||Read permission|
|-wx||3 (0+2+1)||Write and execute permission|
|—||0 (0+0+0)||No permission|
Let’s take some examples to understand octal notation in detail.
Unlike symbolic notation, octal notation does not have any symbol or value for permission levels.
For permission level, it depends on the standard sequence; user, group and other. If we omit the any permission level, it will update permission levels in reverse order while assuming 0 in omitted filed.
|Command which you type||Command which shell runs||Description|
|chmod 0 test-file||chmod 000 test-file||remove all permissions from all levels|
|chmod 7 test-file||chmod 007 test-file||remove all permissions from user and group and add read, write and execute (4+2+1 = 7) permission for others|
|chmod 57 test-file||chmod 057 test-file||remove all permission form user and add read and execute permission for group and read, write and execute permission for other|
|chmod 457 test-file||chmod 457 test-file||add read permission for user, read and write permission for group and read, write and execute permission for other|
In symbolic notation we skipped following topic.
If we omit permission levels, permission types will be updated for all levels excluding umask bits which have value except zero.
Let’s understand this topic in detail now.
When we create a file or directory first time, shell automatically assigns default permission to it based on umask permission. The umask permission is a reference permission that is used to calculate the default permission.
Next part of this tutorial explains umask permission in detail with examples. This part only explains how (on) umask bits affect the chmod command if we omit the permission level in symbolic notation.
To view umask permission, following command is used.
In umask permission first bit has no meaning. After excluding it next three bits represent permission types for user, group and other respectively.
We only need to look for a value (other than zero) in second, third and fourth field.
Let’s take an example to understand this more clearly.
Suppose user root updates the permission types of file named new-file with symbolic notation without specifying permission levels,
now understand how this will be processed.
Default umask file permission for root user is 0022.
In above permission, only group and other have value other than zero. Both group and other have value 2 which
represent write permission in octal notation. So if root user omits permission levels, permission type will be updated for all levels excluding
write permission for group and other.
Following figure explains this example as shell prompt.
If we just want to know the final permissions or permission which will be excluded if we skip the permission level in symbolic notation, we can use –S option with umask command.
- Each file and directory in Linux has three permission levels; user, group and other. Each permission level has three types of permission; read, write and execute.
- Permission levels and permission types are always mapped in same sequence; user (read, write and execute), group (read, write and execute) and other (read, write and execute).
- Chmod command is used to change the permission types for any object.
- Chmod command supports two types of notations; symbolic and octal.
- In symbolic notation symbols are used for permission levels (u for user, g for group and o for other) and permission types (r for read, w for write and x for execute).
- In octal notation numbers are used for permission types (4 for read, 2 for write and 1 for execute). Octal notation does not use any symbol or number for permission levels. For permission levels it depends on standard sequence (user, group and other).
- If we omit permission level in symbolic notation, permission type will be updated on all levels except the umask bits which have value other than zero.
- To update same permission type in all levels, symbol a (stands for all) is used in symbolic notation.
- If we skip permission level in octal notation, shell will automatically append value zero in missing permission level field before processing it.
That’s all for this part. In next part of this article, we will understand umask permission in detail with example.
Full Version EX300 Dumps
Try EX300 Dumps Demo