Hi folks, there are still a lot of people have quite a lot of trouble understanding the chmod command and it’s numbers.
Actually, that is not so difficult to get, so, now I’m going to teach you the basics of chmod, and it’s numbers.
First things first.
You must understand what Read, Write and Execute means. That’s crucial, so, first let me introduce you to some basics of Linux permissions.
- Read – If you have permission to read something, that mean you can see what is inside a folder/directory, you can see a list of files and sub-directories.
- Write – With the write permission you can change the content of a file, create new files inside folder, or create new folders.
- Execute – This permission allows you to run software, you can run a program that is inside a folder or a binary that have permission to be run.
Now, you probably have heard about a magic thing like chmod 770 or chmod 777, haven’t you?
Let’s get back to the permissions, read, write, execute.
Each permission have a number:
- Read = 4
- Write = 2
- Execute = 1
They have chosen this numbers because you can sum them in a way that you get different sum result for each sum.
For example:
- 4 + 2 = 6
- 4 + 2 + 1 = 7
- 4 + 1 = 5
Did you get it yet?
- 4 (read) + 2 (write) = 6 (Permission to read and write, but not execute)
- 4 (read) + 2 (write) + 1 (execute) = 7 (Full permissions, you can read, write and run programs)
- 4 (read) + 1 (execute) = 5 (You can read the content and run software, but can’t change or edit anything)
So, if a file named, let’s say, Stuff.bin, have the permission 7, then you can see it, edit it and run it.
But, the command is chmod 770, and I’m talking about only one number that is the result of a sum. So, now what?
Ok, we have a sequence of 3 numbers because they set permission for an user, a group and others
Again, user group others.
A group is a group of users, this way you can set permissions for more than one user!
- chmod 777 means that the user can Read(4) + Write(2) + Execute(1), the users in a group can Read(4) + Write(2) + Execute(1) and everybody else can too Read(4) + Write(2) + Execute(1)!! So chmod 777 is NEVER a good idea!
I think that’s pretty much you need to know for now about chmod, let me show you some examples.
List folder content
megaf@DebianJessey:~/Examples$ ls
Executable.run Text.txt Whoa
Attempting to run “Executable.run”
megaf@DebianJessey:~/Examples$ ./Executable.run
bash: ./Executable.run: Permission denied
Changing permission so I can execute it then running it
megaf@DebianJessey:~/Examples$ chmod 770 Executable.run
megaf@DebianJessey:~/Examples$ ./Executable.run
Running this software
Showing what’s inside the file “Text.txt”
megaf@DebianJessey:~/Examples$ cat Text.txt
This is a text inside a text file
Changing permission so no one can see what inside it and trying to show what’s inside again
megaf@DebianJessey:~/Examples$ chmod 220 Text.txt
megaf@DebianJessey:~/Examples$ cat Text.txt
cat: Text.txt: Permission denied
Changing permission so I can edit the “Text.txt” file
megaf@DebianJessey:~/Examples$ chmod 660 Text.txt
Adding “Line2” in a new line (Editing/Writing on “Text.txt”)
megaf@DebianJessey:~/Examples$ echo Line2 >> Text.txt
Let’s see the result
megaf@DebianJessey:~/Examples$ cat Text.txt
This is a text inside a text file
Line2
Changing permission so I can no longer change the file
megaf@DebianJessey:~/Examples$ chmod 440 Text.txt
Trying to edit it again
megaf@DebianJessey:~/Examples$ echo Line3 >> Text.txt
bash: Text.txt: Permission denied
Ok, Let’s move on, shall we?
That was the numeric way. There is another way.
From now on I will use only example an comment them.
megaf@DebianJessey:~/Examples$ ls -l ./ # Listing what’s inside this folder and it’s content permissions.
total 8
-rwxrwx— 1 megaf megaf 40 Jun 5 15:36 Executable.run
-r–r—– 1 megaf megaf 40 Jun 5 16:18 Text.txt
drwxr-xr-x 2 megaf megaf 6 Jun 5 15:37 Whoa
See those d, r, w, x, -? That’s even simpler than numbers.
– = Regular file, just a normal file.
d = Directory or folder.
So…
type user group others (I think these colors are colorblind people friendly)
– rwx rwx — means that the file have permissions [user] 7 (rwx) [group] 7 (rwx) [others] 0 (—)
– r– r– — means that the file have permissions [user] 4 (r–) [group] 4 (r–) [others] 0 (—)
d rwx r-x r-x means that the directory have permissions [user] 7 (rwx) [group] 5 (r-x) [others] 5 (r-x)
Did you get it?
- [r] 4 (read) + [r] 2 (write) = 6 (Permission to read and write, but not execute)
- [r] 4 (read) + [r] 2 (write) + [x] 1 (execute) = 7 (Full permissions, you can read, write and run programs)
- [r] 4 (read) + [x] 1 (execute) = 5 (You can read the content and run software, but can’t change or edit anything)
So, That’s all for now, questions/comments?