chmod Command in Linux

Introduction to Linux File Permissions and the chmod Command

This lab provides a practical guide to the Linux chmod command, a crucial tool for systemadmin tasks involving file permission management. We'll begin with a breakdown of Linux file permission fundamentals, covering permission categories like owner, group, and others, alongside permission types such as read, write, and execute. Subsequently, we'll delve into utilizing the chmod command to modify file and directory permissions, both individually and recursively. The objective of this lab is to equip you with a solid understanding of file permissions management within the Linux operating system.

Understanding File Permissions in Linux: A Deep Dive

This section explores the core concepts of file permissions within the Linux operating system, which dictate who can access, modify, or execute files and directories.

In Linux, every file and directory is governed by three principal permission categories:

1. Owner: This is the user account that created the file or directory.
2. Group: The group to which the owner belongs. Permissions can be assigned to this group.
3. Others: Encompasses all users on the system who are neither the owner nor members of the owner's group.

Each of these categories is associated with three permission types:

1. Read (r): Grants the ability to view the contents of a file or list the files within a directory.
2. Write (w): Allows for modification of a file's contents or the creation/deletion of files within a directory.
3. Execute (x): Enables the execution of a file as a program or accessing the contents of a directory (often necessary to "enter" a directory).

You can readily examine file or directory permissions using the ls -l command. The command output presents permissions in the following structure:

-rw-r--r-- 1 labex labex 0 Apr 24 12:34 example.txt

The initial ten characters represent the file permissions:

• The first character signifies the file type (- for a regular file, d for a directory).
• The subsequent three characters denote the owner's permissions.
• The next three characters represent the group's permissions.
• The final three characters indicate the permissions for others.

Considering the above example, the file example.txt has these permissions:

• The owner (labex) possesses both read and write permissions.
• The group (labex) has read permission only.
• Others have read permission only.

For a more comprehensive view of a file's permissions, the stat command can be utilized:

$ stat example.txt
  File: example.txt
  Size: 0         	Blocks: 0          IO Block: 4096   regular empty file
Device: 801h/2049d	Inode: 131075      Links: 1
Access: (0644/-rw-r--r--)  Uid: (1000/labex)   Gid: (1000/labex)
Access: 2023-04-24 12:34:56.123456789 +0000
Modify: 2023-04-24 12:34:56.123456789 +0000
Change: 2023-04-24 12:34:56.123456789 +0000
 Birth: -

This command delivers further details, including the user ID (UID) and group ID (GID) of the owner, along with access, modification, and change timestamps.

A strong understanding of file permissions is paramount for controlling access to files and directories within a Linux system, ensuring proper system administration and security.

Mastering the chmod Command: Changing File Permissions

This section will instruct you on employing the chmod command to modify file and directory permissions in Linux environments.

The chmod command enables you to adjust read, write, and execute permissions for the owner, group, and others. The basic syntax of the chmod command is:

chmod [options] mode file

Here, mode signifies the desired new permissions. You can utilize either symbolic or numeric mode to modify permissions.

Symbolic Mode:

• u: Represents the owner (user).
• g: Represents the group.
• o: Represents others.
• a: Represents all (owner, group, and others).
• +: Adds the specified permissions.
• -: Removes the specified permissions.
• =: Sets the specified permissions (overwriting existing ones).

For instance, to grant the owner read and write permissions, the group read permissions, and revoke all permissions for others, you would use:

chmod u=rw,g=r,o-rwx example.txt

Numeric Mode:

• Each permission (read, write, execute) is assigned a numerical value: 4 for read, 2 for write, and 1 for execute.
• The permissions for the owner, group, and others are represented by a three-digit number.

For example, to set the permissions to rw-r--r-- (owner has read and write, group has read, others have read), you would use:

chmod 644 example.txt

Let's practice changing a file's permissions using both symbolic and numeric modes:

## Create a new file
touch example.txt

## Change permissions using symbolic mode
chmod u=rw,g=r,o-rwx example.txt
ls -l example.txt
## Output: -rw-r-----

## Change permissions using numeric mode
chmod 644 example.txt
ls -l example.txt
## Output: -rw-r--r--

In this example, we first create a file named example.txt. Then, we employ the chmod command to alter its permissions. We then use ls -l to confirm the changes.

chmod -R: Recursively Changing Permissions for Directories and Files

In this section, you'll learn how to recursively change permissions of directories and the files they contain using the chmod command.

The -R (recursive) option of the chmod command allows you to apply the defined permissions to a directory, its subdirectories, and the files within.

Let's construct a directory structure and recursively modify its permissions:

## Create a directory structure
mkdir -p ~/project/documents/reports

## Change permissions recursively
chmod -R u=rwx,g=rx,o=r ~/project/documents

## Verify the permissions
ls -l ~/project
## Output:
## drwxrwxr-x 3 labex labex 4096 Apr 24 12:34 documents
ls -l ~/project/documents
## Output:
## drwxrwxr-x 2 labex labex 4096 Apr 24 12:34 reports

In the above example, we first establish a directory structure with a parent directory named documents and a subdirectory named reports. Next, we use the chmod -R command to recursively set the permissions:

• The owner (labex) is granted read, write, and execute permissions.
• The group (labex) has read and execute permissions.
• Others are granted read-only permissions.

We confirm the permissions using the ls -l command, which demonstrates that the permissions have been applied to both the parent directory and the subdirectory.

The recursive option proves invaluable when you need to change the permissions across an entire directory tree, ensuring all files and subdirectories within inherit the intended permissions. This is a key skill for any systemadmin.

Summary: Linux File Permissions and chmod Mastery

This lab has covered the core concepts of file permissions in the Linux operating system. We have established that each file and directory is governed by three key permission categories: owner, group, and others, each with three permission types: read, write, and execute. We also learned how to inspect file and directory permissions using the ls -l and stat commands. Finally, we covered modifying file permissions using the chmod command for individual entities, as well as recursively across an entire directory structure and its contents.

Tác giả

Tôi là một chuyên gia System Administrator (SysAdmin) & DevOps Engineer với hơn 10 năm kinh nghiệm trong lĩnh vực quản trị hệ thống, bảo mật mạng, và tối ưu hạ tầng Cloud. Tôi đã từng làm việc tại các tập đoàn công nghệ lớn và tham gia triển khai nhiều hệ thống High Availability (HA), Load Balancing, Database, container và CI/CD giúp doanh nghiệp hoạt động ổn định với hiệu suất cao. Bài này tôi viết với thời gian đọc khoảng 6 phút. I also wrote a Vietnamese version.