As such other operating systems, multiple users can create user accounts for each and share the same machine running Linux OS. But, whenever anything is used in a shared manner, there arises a problem of privacy. The first user may not wish the next user to view/edit/delete his file.
Linux Terminal possesses some superpowers in handling file permissions. We can grant/revoke permissions for every file and directory from our Linux Terminal.
What are file permissions?
File permissions control the actions that can be performed by the users. Read, Write, and Execute are the 3 actions possible for every file. Users are classified under 3 broad categories. They are Normal users, Groups, and Others. Linux allows users to set permissions at a very granular level. You can secure your file or directory in every possible location of a file system.
It seems to be interesting right?
There are three important commands involved in this
- chmod ( Change mode )*
- chown ( Change ownership )
- chgrp ( Change group )
Among these chmod is one of the most important commands. Let’s discuss only the chmod command in this blog and the other commands will be continued in the upcoming blogs.
Let’s deep dive into the chmod command 🏊.
Actions of a file
Before we proceed further, I want to ensure you’re clear about Read, Write and Execute actions of a file. The first 2 (Read & Write) are self-explanatory. It determines whether a user can read/write a file.
But, what’s an executable file?
A file is said to be executable if it has a sequence of instructions in it. A better example is scripting files (Shell Scripts).
What is chmod command?
chmod is a command to change the permissions of a file or directory to all types of users.
Here’s the syntax of the chmod command.
You need to grant or revoke the permission by replacing the Operations in the above command.
The Operations in the above syntax are divided into 2 categories. Let’s explore them below.
Controls permissions on the user level.
u – Grant permission to a user
g – Grant permission to a group (A Group of users)
o – Grant permission to others (who do not come under either of the above).
If this option is left empty, permission will be applied to the logged-in user. Most of the time it’ll be left empty.
Controls permissions on the file level.
r – Grant read permission
w – Grant write permission
x – Grant execute permission
These operations need to be preceded with a ‘+’ or ‘-‘ operator.
‘+’ indicates adding new permission and ‘-‘ indicates removing existing permission.
chmod +r sample.txt
The above command adds read permission for the
Isn’t it simple? Let’s continue.
How to make a file executable?
Being a developer, Linux is the default operating system of our team. We recently hired an intern, who has zero knowledge of Linux but was curious to learn and explore. We started to train him initially by asking him to write some shell scripts. Because most servers run Linux OS. He found the entire code on the internet and copied it (We gave such task intentionally).
He saved the file but was not able to run the script. He doesn’t know the actual problem. He started removing few blocks of code and tried to run again and again.
He repeatedly got the error stating “Command not found”.
Finally, he reached the 1st line. He replaced that line with a print statement (“echo” command) and run the file with the hope to see the output. But still, he has not crossed that error.
With at most frustration, he asked for help.
Let’s see the issue now.
Basically, we can execute .sh files by the following command.
He ran the same command but it did not work. Because the file is not in executable format. So I ran the magic command to make the file executable.
chmod +x install.sh
Now it is executable. He stared at me as if I was a hacker 😂. Ideally, it’s a very simple and basic concept.
How to remove permission from a file?
Every time I will get fooled by my colleague Divad, We are internally working on many hobby projects and we write some shell scripts for quick deployment. Whenever he writes some script he always removes all the permissions from that file and pushes the changes to the remote repo. So every time I have to grant permissions using the above commands for the action I have to do.
Let’s have a quick look at the command he uses to remove file permissions.
Here we have a file named
install.sh which has all permissions ( Read, Write, Execute ). Let’s remove the execute permission for this script file.
chmod -x install.sh
You’ll not be able to execute this file and trying so will give you an error as shown in the previous screenshot.
Let’s remove the read permission from the file.
chmod -r install.sh
The read permission has been removed. Let’s try to read that file using nano ( File editor for Linux terminal ). You will be able to see the “Permission Denied” error at the bottom.
The same applies to removing writing permission for the file.
chmod -w install.sh
You can achieve all the above items together using the below command.
chmod -rwx install.sh
This is the core part of handling file permission and remember we have barely scratched the surface of it. Try to understand it and play around with some sample files. Because, who knows in the future, you may get a colleague like Divad.
How to add/remove permissions for Directories ( Folders )?
I hope most of you after switching to Linux might come across a few directories such as
/opt, etc. You may not be aware of why these directories exist. But, you may notice one item common for all these folders. That is, you’ll not be able to create a file or folder inside these directories without root permission.
This setting will be pre-configured in your system when Linux OS is installed.
But, can I restrict my folder in a
/home directory similar to the above directories? The answer is Yes. You can achieve this by changing the permission of the directory using the chmod command.
Let’s understand this with an example.
I created a directory named
locked_directory and removed read permission from this directory. If I try to read the contents of the folder using
ls command, I’ll end up seeing the “Permission Denied” error message.
chmod -r locked_directory/
But, do you know I can create another directory inside
dir1 and read the files and folders in
Then what’s the purpose of the command we just ran before? Removing the read permission on the parent should remove the same on child directories too right?
Well. That’s the exact thing I told you earlier. Linux manages the granular level of file permissions.
If you want to apply the permissions to the parent directory and all its child directories, you need to pass an exclusive flag with the
-R. It basically means applying the same permissions recursively to all sub-directories (child directories). So this permission will apply to the end child of a file/directory.
Here’s the syntax,
sudo chmod -R
Remember running the command to do a recursive operation needs root permission. So you need to add
sudo at the beginning of this command.
sudo chmod -R -r locked_directory
From the above screenshot, you can see that trying to view the child directory files has failed after removing the read permission recursively from the parent directory.
The alternative method for handling file permissions
Alternatively, you can use Octal representation to control the file permissions.
|Access||Symbolic Mode||Octal Mode|
|Octal Mode |
Eg:764 ( User, Group, Others )
Hope you’re confused 😖. Read further to understand clearly.
Let’s consider a scenario.
You want to grant read, write, and execute permissions to users and read-only permission for groups and others to
Let’s discover how to achieve that using the above 2 methods.
Using Symbolic Mode
chmod u+rwx,go+r install.sh
Let’s dismantle each part and try to understand them,
u+rwx – represents adding read, write, and execute permissions for users
go+r – represents adding read permission for groups and others
Using octal mode
chmod 744 install.sh
Let’s dismantle each number and try to understand them,
The first number (7) represents permission for user – 7 = ( 4 (
read) +2 (
The second number (4) represents permission for group – 4 (
The third number (4) represents permission for others – 4 (
In this article, you have learned about handling basic file and folder permissions.
I hope you guys enjoyed this blog. I have one request to all, give it a try on your own with some complicated scenarios like having permutations and combinations of permissions 😂. It’ll definitely be helpful in your entire career.
Subscribe to my newsletter by visiting my site and also have a look at the consolidated list of all my blogs.