When you first see a file in Linux, the three-letter string that starts with -rw-r--r-- can look like an alien language.
It tells the system who can read, write, or execute that file. Don’t worry – it’s just a set of rules.
In this post we’ll break those rules down into bite-sized pieces and give you a handy cheat sheet for the most common chmod commands.
1. What Are Permissions?
Every file has three sets of permissions:
| Symbol | Meaning | Example |
|---|---|---|
| r | Read | You can view the file’s contents. |
| w | Write | You can change the file. |
| x | Execute | You can run the file as a program. |
The three sets are for:
- Owner – the user who created the file.
- Group – other users that belong to the same group.
- Others – everyone else.
So, -rw-r--r-- means:
- Owner can read and write.
- Group can only read.
- Others can only read.
2. Numbers Behind the Letters
Linux also represents permissions with three octal digits (base-8 numbers).
Each digit is a sum of its bits:
| Digit | Binary | Meaning |
|---|---|---|
| 4 | 100 | Read |
| 2 | 010 | Write |
| 1 | 001 | Execute |
Add them together for each set.
- Example:
rw-→ 4 + 2 = 6. - Example:
r-x→ 4 + 1 = 5.
So, the string -rw-r--r-- translates to the octal number 644.
3. Using chmod
The syntax is simple:
chmod [options] MODE FILE...
a) Numeric Mode
chmod 755 myscript.sh # Owner: rwx, Group & Others: r-x
chmod 600 secret.txt # Only owner can read/write
Why 755?
It’s the classic “executable” permission for scripts and directories.
Owner gets full control; others get read + execute (they can run it but not change it).
b) Symbolic Mode
You can add or remove permissions with symbols:
| Symbol | Effect |
|---|---|
| + | Add permission |
| – | Remove permission |
| = | Set exactly |
chmod g+w myfile.txt # Give group write access
chmod o-x script.sh # Remove execute from others
chmod u=rwx,g=rx,o=r file # Explicitly set all three sets
c) Recursive Changes
Use -R to apply changes to a directory and everything inside it.
chmod -R 644 documents/ # All files: rw-r--r--
chmod -R +x bin/ # Add execute to every file in bin/
4. Common Mistakes & How to Avoid Them
| Problem | Fix |
|---|---|
Accidentally removing your own read access (chmod 000 file) | Use sudo or a second terminal session to restore it: chmod 644 file. |
Setting 777 on a directory you don’t control | Remember that 777 gives everyone full rights. Use only for public directories if needed. |
Forgetting the leading dash in ls -l output | The first character indicates file type (- for regular files, d for directories). It’s not part of permissions. |
5. Quick Cheat Sheet
| File Type | Permission | Octal | Symbolic Example |
|---|---|---|---|
| Owner read/write/execute | rwx | 7 | u=rwx |
| Group read/write/execute | r-x | 5 | g=rx |
| Others read only | r– | 4 | o=r |
Typical setups
| Scenario | Octal | What it means |
|---|---|---|
| Normal file (owner full, others read) | 644 | Owner can edit; everyone else can view. |
| Executable script | 755 | Owner full, group/others can run. |
| Private document | 600 | Only owner can read/write. |
6. Wrap-Up
Linux permissions might look intimidating at first, but they’re just a set of rules you can control with one command: chmod.
Remember:
- Think in three sets (owner, group, others).
- Convert letters to numbers by adding 4, 2, and 1.
- Use numeric mode for quick changes, symbolic mode for fine-grained tweaks.
With this cheat sheet on hand, you’ll be able to set the right permissions every time – no more accidental “no access” surprises!
Happy hacking, and remember: a well-set permission keeps your files safe and accessible when they’re supposed to be.
Tom's IT Cafe 