chmod Command in Linux: Complete File Permissions Tutorial with Examples

The chmod command is one of the most essential Linux commands for managing file and directory permissions. Whether you’re a system administrator, developer, or Linux enthusiast, understanding how to properly use chmod is crucial for maintaining security and controlling access to your files and directories.

What is the chmod Command?

The chmod (change mode) command allows you to modify file and directory permissions in Linux and Unix-like operating systems. It controls who can read, write, or execute files, making it a fundamental tool for system security and file management.

Understanding Linux File Permissions

Before diving into chmod usage, it’s essential to understand how Linux file permissions work. Every file and directory has three types of permissions for three categories of users:

Permission Types

• Read (r) – Permission to view file contents or list directory contents
• Write (w) – Permission to modify file contents or create/delete files in a directory
• Execute (x) – Permission to run a file as a program or access a directory

User Categories

• Owner (u) – The user who owns the file
• Group (g) – Users belonging to the file’s group
• Others (o) – All other users on the system

Viewing Current Permissions

Use the ls -l command to view current file permissions:

$ ls -l myfile.txt
-rw-r--r-- 1 user user 1024 Aug 25 12:30 myfile.txt

The permission string -rw-r--r-- breaks down as:

• First character: File type (- for regular file, d for directory)
• Characters 2-4: Owner permissions (rw- = read and write, no execute)
• Characters 5-7: Group permissions (r-- = read only)
• Characters 8-10: Others permissions (r-- = read only)

chmod Command Syntax

The basic syntax for the chmod command is:

chmod [options] permissions file(s)

There are two main ways to specify permissions:

• Symbolic notation – Using letters and symbols
• Numeric (octal) notation – Using numbers

Symbolic Notation

Symbolic notation uses letters to represent users and permissions, along with operators to modify them.

Symbolic Notation Components

Symbolic Notation Examples

# Give execute permission to owner
$ chmod u+x script.sh

# Remove write permission from group and others
$ chmod go-w document.txt

# Set read and write for owner, read-only for group and others
$ chmod u=rw,go=r file.txt

# Add execute permission for all users
$ chmod a+x program

# Remove all permissions for others
$ chmod o-rwx private.txt

Numeric (Octal) Notation

Numeric notation uses a three-digit octal number where each digit represents permissions for owner, group, and others respectively.

Permission Values

Common Numeric Permissions

Numeric Notation Examples

# Set read/write for owner, read-only for group and others
$ chmod 644 document.txt

# Set full permissions for owner, read/execute for group and others
$ chmod 755 script.sh

# Set read/write/execute for owner only
$ chmod 700 private_script.sh

# Set read/write for owner and group, read-only for others
$ chmod 664 shared_file.txt

Practical chmod Examples

Making Files Executable

# Make a script executable for the owner
$ chmod u+x myscript.sh
$ chmod 755 myscript.sh

# Make a file executable for everyone
$ chmod a+x program
$ chmod 755 program

Securing Files

# Make a file readable/writable by owner only
$ chmod 600 sensitive_data.txt
$ chmod u=rw,go= sensitive_data.txt

# Remove write permissions from group and others
$ chmod go-w important_file.txt

Working with Directories

# Set directory permissions to allow access
$ chmod 755 my_directory/

# Make directory accessible to owner only
$ chmod 700 private_directory/

# Set permissions recursively
$ chmod -R 755 website_files/

chmod Options and Flags

Common Options

Option Examples

# Apply permissions recursively
$ chmod -R 755 /var/www/html/

# Verbose output
$ chmod -v 644 *.txt
mode of 'file1.txt' changed from 0600 (rw-------) to 0644 (rw-r--r--)
mode of 'file2.txt' retained as 0644 (rw-r--r--)

# Use reference file permissions
$ chmod --reference=template.txt newfile.txt

Advanced chmod Techniques

Special Permissions

Linux supports special permission bits beyond the basic read, write, and execute permissions:

• Setuid (4) – Run with owner’s privileges
• Setgid (2) – Run with group’s privileges
• Sticky bit (1) – Prevent deletion by non-owners

# Set setuid bit (4755)
$ chmod u+s executable

# Set setgid bit (2755)
$ chmod g+s shared_program

# Set sticky bit on directory (1755)
$ chmod +t shared_directory/

Using chmod with Find

Combine chmod with find for powerful batch operations:

# Set permissions for all files
$ find /path/to/files -type f -exec chmod 644 {} \;

# Set permissions for all directories
$ find /path/to/files -type d -exec chmod 755 {} \;

# Make all .sh files executable
$ find . -name "*.sh" -exec chmod +x {} \;

Best Practices and Security

Security Guidelines

• Principle of least privilege – Grant only necessary permissions
• Avoid 777 permissions – Rarely needed and creates security risks
• Secure executable files – Be cautious with execute permissions
• Protect sensitive files – Use 600 or 700 for private files

Common Security Mistakes

# DON'T: Make everything accessible to everyone
$ chmod 777 -R /important/directory  # Dangerous!

# DO: Use appropriate permissions
$ chmod 755 -R /var/www/html  # Web directories
$ chmod 644 /var/www/html/*.html  # Web files

Troubleshooting chmod Issues

Permission Denied Errors

If you encounter “Permission denied” errors:

# Check current permissions
$ ls -l filename

# Ensure you have appropriate permissions to modify the file
$ sudo chmod 644 filename  # Use sudo if necessary

Common Error Messages

• “Operation not permitted” – You don’t own the file or lack sudo privileges
• “Invalid mode” – Check your permission syntax
• “No such file or directory” – Verify the file path

chmod vs Other Permission Commands

Related Commands

Complete Example

# Create a new file
$ touch example.txt

# Check initial permissions
$ ls -l example.txt
-rw-r--r-- 1 user user 0 Aug 25 12:30 example.txt

# Change to owner read/write only
$ chmod 600 example.txt

# Verify changes
$ ls -l example.txt
-rw------- 1 user user 0 Aug 25 12:30 example.txt

# Make it executable
$ chmod u+x example.txt

# Final result
$ ls -l example.txt
-rwx------ 1 user user 0 Aug 25 12:30 example.txt

Conclusion

The chmod command is an indispensable tool for Linux file management and security. By mastering both symbolic and numeric notation, understanding permission types, and following security best practices, you can effectively control access to your files and directories.

Remember to always use the principle of least privilege, regularly audit your file permissions, and be particularly careful with execute permissions and recursive operations. With practice, chmod will become second nature in your Linux administration toolkit.

Whether you’re securing sensitive data, making scripts executable, or setting up web server permissions, chmod provides the flexibility and control needed for robust file system management in Linux environments.