chmod command; which is used to change the access permissions of file system objects in Unix-like operating systems – like as sets the permissions of files and directories.
The command name chmod referred for change mode. it controls the way a file can be accessed.
Let’s see the detailed information about the chmod command in the below article.
Read More for related; PowerShell Commands
chmod [OPTION]... MODE [,MODE]... FILE...
chmod [OPTION]... OCTAL-MODE FILE...
chmod [OPTION]... --reference=RFILE FILE...
|-c, –changes||Like —verbose, but gives verbose output only when a change is actually made.|
|-f, –silent, –quiet||Suppress most error messages.|
|–no-preserve-root||Do not treat ‘/’ (the root directory) in any special way, which is the default setting.|
|–preserve-root||Do not operate recursively on ‘/’.|
|–help||Display a help message and exit.|
|-v, –verbose||Verbose mode; output a diagnostic message for every file processed.|
|–reference=RFILE||Set permissions to match those of file RFILE, ignoring any specified MODE.|
|-R, –recursive||Change files and directories recursively|
|–version||Output version information and exit.|
Description of chmod command
In the Unix operating system, have some set of flags which set on who can access that file, and how they can access it. So that flags are called as permissions or modes.
In generally, the chmod command is written as follows.
chmod options permissions file_name
chmod modifies the permissions of the file specified by file name to the permissions specified by permissions, if the there was no options are mentioned.
Let’s see the below example:
If you are the owner of a file named sample, and you want to set its permissions in the following conditions.
1-The user can read, write, and execute it.
2- Members of your group can read and execute it
3- Others may only read it; Use the below command
chmod u=rwx, g=rw, o=x
|4||=||Set the permissions exactly to that|
Now you can the see the output of file permissions in the below snaps
The first character shows the file type. It can be a regular file ( – ), if directory meant ( d ) and a symbolic link ( 1 ) or any other special type of file. Please refer the below snapshot.
Permission defined in two types:
- Numeric Mode
- Symbolic Mode
The format of a Numeric mode is ‘augo’.
chmod [OPTIONS] NUMBER FILE...
It is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1 and any omitted digits are assumed to be leading zeros.
If you are using the 3-digit number, the first digit represents the permissions of the file’s owner, the second one the file’s group, and the last one all other users.
Please find the number values of Numeric mode:
- r (read) = 4
- w (write) = 2
- x (execute) = 1
- no permissions = 0
To find out the file’s permissions in numeric mode simply calculate the totals for all user’s classes.
- Owner: rwx=4+2+1=7
- Group: r-x=4+0+1=5
- Others: r-x=4+0+0=4
Some example of Numeric mode in chmod command
1.Read by owner only
$ chmod 400 sample
2.Read by group only
$ chmod 040 sample
3.Read by anyone
$ chmod 004 sample
4.Write by owner only
$ chmod 200 sample
5.Write by group only
$ chmod 020 sample
6.Write by anyone
$ chmod 002 sample
7.Execute by owner only
$ chmod 100 sample
8.Execute by group only
$ chmod 010 sample
9.Execute by anyone
$ chmod 001 sample
10.Allow read permission to owner and group and anyone.
$ chmod 444 sample
11.Allow everyone to read, write, and execute file.
$ chmod 777 sample
The format of the symbolic mode is below.
The [ugoa…] means, defines which users classes the permissions to the file are changed.
‘u’ = The file owner
‘g’ = Member of the group
‘o’ = Other users.
‘a’ = All users, identical to ugo. If none of these are given, the effect is as if ‘a’ were given, but bits that are set in the umask are not affected.
[-+=] means, defines whether the permissions are to be removed, added, or set:
‘-‘ represents the permissions selected to be added to the existing permissions of each fil.
‘+’ represents the Adds specified permissions.
‘=’ represents to
changes the current permissions to the stated permissions. If no permissions
are specified after the
symbol, all permissions from the stated user class are removed.
‘perms’ means permissions, you can be explicitly set using either zero or one or more of the following letters.
r, w, x, X, s and t.
Use a single letter from the set
o when copying permissions from one to another users class.
[,…] If you want to be set the permission for multiple user classes [,…] use commas (without spaces) to separate the symbolic modes.
Some example of Symbolic mode in chmod command
1.Allow read permission to everyone.
$ chmod a+r sample
2. Deny execute permission to everyone
$ chmod a-x sample
3. Make a file readable and writable by the group and others.
$ chmod go+rw sample
4. Make a shell script executable by the user/owner.
$ chmod u+x samplescript.sh
5. Allow everyone to read, write, and execute the file and turn on the set group-ID
$ chmod =rwx,g+s samplescript.sh
Description of Linux File Permissions
In the Linux, you can use the “ls” command to view the entire file permissions. Let’s see the below example.
In the above output,
First “-“ represents the file types. “-“ for a regular file, “d” for a directory, “l” for a symbolic link.
Then “rwx” represents the permissions for the file’s owner.
Next “rw-“ represents the permissions for members of the file group. Here, member have access for read and write but don’t have access for execute permissions.
Then last one “–x” represent the permissions for others.
“1” represents number of hard links in the file.
“root” represents the file’s owner.
The second “root” represents the group to whom the file belongs.
“0” The size of the file in blocks.
“Jan 13 10:17” represents the file’s mtime (date and time when the file was last modified).
“sample” represents the file name.
It is a bit and which is works depends upon the file types; Sticky bit or called as the restricted deletion flag both are same. One of the prominent point of the sticky bit is, it prevents unprivileged users from removing or renaming a file in the directory unless they own the file or the directory.
In generally found this feature in world-writable directories like /tmp.
Setuid and Setgid Bits
If the user has not suitable privileges, chmod clears the set-group-ID bit of a regular file if the file’s group ID does not match the user’s effective group ID or one of the user’s supplementary group Ids.
Also this actions depends on the policy and functionality of the underlying chmod system call.
In generally you should mention explicitly otherwise the chmod preserves a directory’s set-user-ID and set-group-ID bits. You can set or clear the bits with symbolic modes like u+s and g-s, also you can set (but not clear) the bits with a numeric mode.