Virtual Curiosities

How to Change the Permissions of a File using the Terminal on Linux Mint

Share
In this tutorial, we'll learn how to change the file permissions of a file, folder (directory), or symlink with the terminal on Linux Mint using the terminal command chmod with the rwx notation and with the octal notation (e.g. 777).

To change the permissions of a file, execute the following command [how?]:

chmod -rwx my-file.txt

The command above will remove all permissions from a file called my-file.txt in the current working directory, meaning that you won't be able to read, write, or execute it. See [How to Refer to Files and Folders using the Terminal on Linux Mint] for how to write this filename argument.

Read, write, and execute have different meanings for files and for folders. See [What Read, Write, and Execute Permissions Mean on Linux] for details.

chmod Code

The first argument of chmod is a text code describing what changes to apply to the files. Let's understand how this text code works.

ugoa

The first characters of the text code are zero or more letters that must be u, g, o, or a. According to the manual page for chmod (see man chmod), these mean:

u: the user who owns the file.

g: other users in the group associated with the file.

o: other users not in the group..

a: all of the above (this is the default).

Each file on Linux is owned by one user and associated with one group. When you create a new user, you'll also create a new group with the same name as the user. For example, if you created a new user called john, then there is ALSO a new group called john.

Let's say that john has a daughter called mary, and he wants full access to all of mary's files. A way to achieve this in Linux would be to add the user john to the group called mary. Then the group mary would have two users: john and mary, and any file in the mary group that has read access for the group grants read access to john.

If a ugoa character isn't provided, then it works like if you provided a.

+-=

After ugoa, we use the +-= characters to define how to modify the permissions.

+: add permissions.

-: remove permissions.

=: set permissions, granting only the specified permissions and removing all others..

rwx

Finally, we can pick three letters representing the permissions we want to grant or remove:

r: read permission.

w: write permission.

x: execute permission. For files, this makes the file an executable file. For folders, this lets the user list the files inside the folder.

Normally, we only really use the x. For example:

chmod +x my-shell-script.sh
chmod +x my-python-script.py
chmod +x 'Cool Application.appimage'

The code above makes a shell script, a Python script, and an .appimage file executable.

In some cases, you may want to make your files read-only, and to do this, we can simply remove the write permission.

chmod -w archived-file.odf

If you're working on a server, you may need some more complicated code. For example, sometimes the web server's program runs as specific user, and we may want to make a file such that the web server can read it and serve it, but we don't want it to be able to modify the file, but we want to be able to modify the file ourselves. In other words, we need separate user and group permissions. We can achieve this like this:

chmod g-w protected-file.txt

Above, we're only removing the write permission from the group, not from the user. This works assuming the web server can only access the file because it belongs to a group associated with the file, not be cause the web server's user owns the file.

Octal Code

An alternative method for setting the permissions is through the use of an octal code representing the 9 bits of the permission model.

Essentially, they're laid out in a triplet like this: rwxrwxrwx. The first rwx is for the user, the second for the group, and the last for all other users. You can think of it as a binary code: 111 111 111 when all permissions are enabled, and 000 000 000 when they are all disabled.

The binary number 111 equals to 7 in decimal, so another way to write this would be 777 for 111 111 111.

0000---
1001--x
2010-w-
3011-wx
4100r--
5101r-x
6110rw-
7111rwx
Octal to read, write, execute codes.

Consequently, this command:

chmod 777 my-file.txt

Is equivalent to granting full permissions to everyone to the file. This is generally a bad idea as there are often better ways to achieve whatever you're trying to do with this.

Other commonly used codes include: 776, 775, 774, 770, 766, 765, 764, 760, 755, 754, 750, 744, 740, 700, 666, 665, 664, 660, 655, 654, 650, 644, 640, 600, 555, 554, 550, 544, 540, 444, 440, 400.

Among these, chmod 700 will grant your user all permissions, including executable, while 400 will make it read-only.

Written by Noel Santos.

About the Author

I'm a self-taught Brazilian programmer graduated in IT from a FATEC. In a world of increasingly complex and essential computers, I decided to use my technical expertise in hardware, desktop applications, and web technologies to create an informative resource to make PC's easier to understand.

View Comments