Previous Section  < Day Day Up >  Next Section

Recipe 9.2. Setting File and Directory Permissions with chmod's Numeric Notation

9.2.1 Problem

You need to control who can access what file. Either you need to keep prying eyes away from the recipe for the secret sauce, or you have some other secure information that needs protection. Or (more likely) you want to make something executable. In any case, you need to set permissions on files, and you need to understand how to calculate the correct numeric permission values.

9.2.2 Solution

Use the chmod (change mode) command. Only root user (superuser) and the file's owner can change permissions.

For example, this command gives the file owner read and write access to /archive/datafile, with verbose output. No other user, except root, can access this file at all:

$ chmod -v 600 /archive/datafile

mode of `/archive/datafile' changed to 0600 (rw-------)

Here the owner of /shared/list makes it world-readable, but only the file owner and root can make changes to it:

$ chmod -v 644 /shared/list

mode of `/shared/list' changed to 0644 (rw-r--r--)

Any script must have the executable bit set for it to work. This command makes a script editable only by the owner, and readable and executable by everyone:

$ chmod 755 /shared/somescript

Directories must always have the executable bit set, or they won't work:

$ chmod 755 /shared

Set permissions for a directory and its contents, including subdirectories, with the -R (recursive) flag. -v turns on verbosity, so you can see what it is doing:

$ chmod -R -v 755 /shared

9.2.3 Discussion

Use Table 9-2 to calculate file permissions. Simply add the values you need for each type of user, and list them in the order shown in the table: file owner, group owner, all other users. Special bits are explained in Recipe 9.7.

Table 9-2. Calculating file permissions

Special bits





setuid 4





setgid 2





sticky 1





9.2.4 See Also

  • info chmod

  • Linux in a Nutshell, by Ellen Siever, Stephen Figgins, and Aaron Weber (O'Reilly)

  • Chapter 4 of LPI Linux Certification in a Nutshell, by Jeff Dean (O'Reilly), for exhaustive detail on permissions and ownership, right down to the binary level

    Previous Section  < Day Day Up >  Next Section