Numerical permissions with chmod

 Wed, 17 Apr 2024 08:36 UTC

Numerical permissions with chmod
Image: CC BY 4.0 by cybrkyd


The chmod command is used to manage file system access permissions on Unix and Linux systems. There are three basic file system permissions applied to files and directories:

read (r)
write (w)
execute (x)

Each of these permissions can be applied to these three classes of users:

user (u)
group (g)
other (o)

The user is the account that owns the file and the group is generally a collection of users. Other is everyone else, including the public outside world.

Checking permissions

Type in ls -la in any directory which contains files. An example output looks like this, showing the file permissions, owner and group:

$ ls -la
total 44
drwxr-xr-x  2 user group  4096 Apr  7 13:13 .
drwxr-xr-x 23 user group  4096 Apr 17 09:42 ..
-rw-r--r--  1 user group  9632 Feb 19  2022 file-one.txt
-rw-r--r--  1 user group 21731 Jul 11  2019 file-two.txt

Concerning the two files, file-one.txt and file-one.txt, we see the permissions represented as -rw-r--r--.

The order of permissions from left-to-right is Owner + Group + Other. Therefore, -rw-r--r-- means:

-rw- r-- r-- (Owner can Read and Write)
-rw- r-- r-- (Group members can Read)
-rw- r-- r-- (Other users can Read)

Numerical values

Having grown up on the Internet, my brain is hardwired to think in FTP-applied permissions for HTML directories and files.

0 = ---     [No permissions]
1 = --x     [Can execute]
2 = -w-     [Can write]
3 = -wx     [Can write and execute]
4 = r--     [Can read]
5 = r-x     [Can read and execute]
6 = rw-     [Can read and write]
7 = rwx     [Can read, write and execute]

Directories are always 755, represented as:

drwxr-xr-x  2 user group  4096 Apr  7 13:13 .

Files are always 644, represented as:

-rw-r--r--  1 user group  9632 Feb 19  2022 file-one.txt

Changing permissions

Where files (such as scripts) require execution permissions, 740 works quite well. This allows only the owner to execute the file.

Script.sh shows a permission of value of 644:

$ ls -la
-rw-r--r--  1 user group     0 Apr 17 10:55 script.sh

To apply 740 permissions, run:

$ chmod 740 script.sh

Confirming the change:

$ ls -la
-rwxr-----  1 user group     0 Apr 17 10:55 script.sh