How-To Session: Using the “chmod” command

Today we are going to go over how to use the chmod command via the Terminal.  Before we go any further we are going to go over the basics.  The Terminal is a CLI (command line interface) shell of the bash environment.  The entire Linux operating system you are on, could be run from the Terminal, minus the graphical apps you run.  With that over with, lets move on to the tutorial…

Let’s do a “long listing” of our home directory:

As you can see above, we have ALOT of information.  Let’s explain the columns:

• First Column : permissions (we will go over this in detail, in just a moment, thats what this tutorial is all about!)
• Second Column: I believe this is the amount of files inside that folder (if its a directory)
• Third Column: the user who owns the directory or file
• Fourth Column: the group that that user is in
• Fifth Column: the size is bytes
• Six Column: Time Stamp
• Seventh Column: the file name / folder name

Let us go over what the first column means, as this is the focus of this tutorial:

• In the highlighted area above, each “line” (highlighted in yellow), is a grouping of 3 dashes , like so — , — , — .
• There is an area is for each group , 3 groups  in total— — —
• The first grouping of dashes represents The User, the second grouping represents, The Group, and the third group represents everyone else or officially, other.
• The first group, user, may have a “d” to the left of it.  This mean this is a directory, and is NOT tied to any one of the groups, it simply denotes a this entry is a directory.
• For example, if that first group is other, in other we have 3 dashes right?  well each “place value” in that represents a permission.

Lets focus on that one entry in yellow for explanation (sorry for the image quality):

• Since each “grouping” is a set of permissions, we denote each set as either :
• D is for Directory. If this is at the far left of you permissions (as it is here), it means it is a directory.
• R is for READ – read on a directory = permission to list contents
• W is for Write – write on a directory = permission to create/delete/append files
• X is for Execute – execute on a directory = permission to enter (but not permission to list contents)

Now lets go over how we assign each of those to any one of the “groups” discussed Earlier

• The way each one of the “rwx” permissions are applied, is they added via the chmod command.
• The syntax for chmod is “chmod 700 /folder/file” , where 700 is the 3 “groups” we talked about earlier.
• The three digits, 700, together, are an octal representation of a Unix file permission system
• First digit is user, second digit is group, third digit is other
• Each one of the letters R,W, or X are represented by a binary number (see link for a detailed explanation)
• Each dash is represented by a power of 2 (i.e. 2^power)
• For instance, with the user grouping of 3 dashes (above), – – – , the first dash (starting on the left) would be 2^2, which is 4 , followed by 2^1, which is 2, and 2^0, which is 1.
• x = 1
• w =2
• r = 4
  
• You would sum all of the binary values you want included (in this case all) to get your number (i.e. in this case “chmod 700”)

>So how do I get the “7 in “chmod 700 file” you say?

• The first digit represents the first “group” , which is “user” remember?
• Because we wanted ALL permission (R,W, and X) we added those binary values together to get “7”
• Since x =1, w=2, and r=4, that’s how we got 7! (1+2+4 = 7)
• You essentially choose what permissions you want, what group you want, what place they are in , note which power of “2” they are, and add them together.

Now for some examples:

The Easy Way: Using chmod without binary:

• The easy way to use chmod is as follows:
• “chmod group_code+permission”
• Where: group_code can be:
• u: user
• g: group
• o: other
• And: permission can be:
• Any combination of r,w, or x.
• r: read
• w: write
• x: execute
• Example: “chmod u+x /folder/file” This command will give execute permissions to the u group, which is the “user” group

The CLASSIC Way: Using chmod with binary:

• Let’s say we want to give read permission to the user.  Since read is a binary value of 4 (2^2), the command would be “chmod 400 /path/to/file”
• Let’s say we want to give write permission to the user.  Since write is a binary value of 2 (2^1), the command would be “chmod 200 /path/to/file”
• Let’s say we want to give execute permission to the user.  Since execute is a binary value of 1 (2^0), the command would be “chmod 100 /path/to/file”
• Let’s say we want to give ALL permissions to the user.  Since we SUM the above 3 binary numbers together (7), the command would be “chmod 700 /path/to/file”

You would use this SAME method to apply permissions to the other groups

• In the chmod command, each grouping of dashes without ANY permissions would be 0, so essentially each “group“ of “dashes” or each “group” would be represented by a 0
• For instance, “chmod 000″
• each zero is a group
• So, to apply the example above to GROUP , that command would be “chmod 070 /path/to/file”
  
• Same idea for OTHER, that command would be “chmod 007 /path/to/file/”
• To apply ALL permissions for EVERY group (NOTE: be careful with this command! Very unsafe to do this , security wise), the command would be “chmod 777 /path/to/file/”

That’s it!  Hope you enjoyed this tutorial and learned some valuable knowledge 🙂