3.6.3 Changing Permissions (chmod)

Use the chmod command to change permissions for a file or directory. You must be the owner of a file or directory, or have root access, to change its permissions. The general form of the chmod command is:

chmod permissions name

where permissions indicates the permissions to be changed and name is the name of the affected file or directory.

The permissions can be specified in several ways. Here is one of the forms which is easiest to use:

1. Use one or more letters indicating the users involved:

   • u (for the user)

   • g (for group)

   • o (for others)

   • a (for all three of the above categories)

2. Indicate whether the permissions are to be added (+) or removed (-).

3. Use one or more letters indicating the permissions involved:

   • r (for read)

   • w (for write)

   • x (for execute)

In the following example, write permission is added to the directory carrots for users belonging to the same group (thus, permissions is g+w and name is carrots):

$ ls -l carrots
drwxr-xr-x  3 user2           1024 Feb 10 11:15 carrots
$ chmod g+w carrots
$ ls -l carrots
drwxrwxr-x  3 user2           1024 Feb 10 11:15 carrots
$

As you can see, the hyphen (-) in the set of characters for group is changed to a w as a result of this command.

To make this same directory unreadable and unexecutable by other users outside your group (permissions is o-rx), you would enter the following:

$ ls -l carrots
drwxrwxr-x  3 user2           1024 Feb 10 11:15 carrots
$ chmod o-rx carrots
$ ls -l carrots
drwxrwx---  3 user2           1024 Feb 10 11:15 carrots
$

Now, the r (for read) and the x (for execute) in the set of characters for other users are both changed to hyphens (-).

When you create a new file or directory, the system automatically assigns permissions.

In general, the default settings for new files are:

-rw-r--r--

and for new directories are:

drwxr-xr-x

So, to make a new file turnip executable by its owner (user2), you would enter the following:

$ ls -l turnip
-rw-r--r--  3 user2           1024 Feb 10 12:27 turnip
$ chmod u+x turnip
$ ls -l turnip
-rwxr--r--  3 user2           1024 Feb 10 12:27 turnip
$

If you want to affect all three categories of users at once, use the -a option. To make a new file garlic executable by everyone, you would enter the following:

$ ls -l garlic
-rw-r--r--  3 user2           1024 Feb 10 11:31 garlic
$ chmod a+x garlic
$ ls -l garlic
-rwxr-xr-x  3 user2           1024 Feb 10 11:31 garlic
$

As a result, the x indicator appears in all three categories.

You can also change permissions for groups of files and directories using the * wildcard character. For example, you would enter the following to change the permissions for all the files in the current directory veggies so that the files can be written by you alone:

$ pwd
/home/user2/veggies
$ ls -l
-rwxrwxrwx  3 user2          21032 Feb 12 10:31 beats
-rwxrwxrwx  2 user2             68 Feb 10 11:09 corn
-rwxrwxrwx  3 user2          12675 Feb 08 09:31 garlic
-rwxrwxrwx  1 user2           1024 Feb 14 16:38 onions
$ chmod go-w *
$ ls -l
-rwxr-xr-x  3 user2          21032 Feb 12 10:31 beats
-rwxr-xr-x  2 user2             68 Feb 10 11:09 corn
-rwxr-xr-x  3 user2          12675 Feb 08 09:31 garlic
-rwxr-xr-x  1 user2           1024 Feb 14 16:38 onions
$

The pwd command is included in this example to illustrate that the directory on which you perform this chmod operation must be the current directory.