« Back to Linux file permissions

How to change file permissions

Changing file permissions: chmod

The primary command to change file permissions on a Linux system is chmod. It’s a basic system administration utility and pre-installed on the system.

To make changes to an existing directory or file, it is first good to look up the existing permissions. This can be done using the ls -l command, that lists them with the long format.

ls -l /etc/hosts
-rw-r--r-- 1 root root 241 Feb  2 19:10 /etc/hosts

There are two syntax styles to tell chmod what the new value should be. So let’s look at them both.

User, Group, Others

If have a directory named docs and we want all users on the system to be able to access it, we grant the Read (r) and Execute (x) permissions.

chmod o+rx docs

So in this example we ask the chmod command to change the permission set of Others (o) and add (+) Read (r) and Execute (x) to the docs directory.

Numeric values

An alternative is using the octal values of the individual file permissions. To set the permissions on the directory so that everyone on the system can access it, we might use the 755 value.

chmod 755 docs

Now everyone can access the directory similar to the example above.

Common values

Most directories and files should be at least readable the the user (owner) and the group that this user belongs to. If a directory or file is not containing sensitive information, then generally the other users will be granted read access. If we represent this in a numeric notation, then this would become 755 (rwx,r-xr-x) for directories and 644 (rw-,r--,r--) for files. The extra ‘x’ is required to allow users to access the directory.

For directories and files that are more strict, such as your SSH configuration files, they typically need a value of 640 or even 600. This way only you (user/owner) can access the file.

Recursive changes

If you want to change all files and directories within a directory, then specify the --recursive (-R) option.

chmod -R o+r docs

This grants the other users read access to the docs directory, including the underlying files and directories.

Feedback

Small picture of Michael Boelen

This article has been written by our Linux security expert Michael Boelen. With focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.

Discovered outdated information or have a question? Share your thoughts. Thanks for your contribution!

Mastodon icon