Permissions
Understand and change read, write, and execute permissions on files
Overview
Every file and directory on a Unix-like system has permissions that control who can read, write, or execute it. Permissions apply to three groups: the owner, the group, and everyone else. Understanding them is essential for security and for making scripts runnable.
Syntax / Usage
Use ls -l to view permissions and chmod to change them. Permissions can be set with symbols or octal numbers.
ls -l script.sh # view permissions, e.g. -rwxr-xr--
chmod +x script.sh # add execute for everyone
chmod u+x script.sh # add execute for the owner only
chmod 755 script.sh # rwx for owner, r-x for group and others
chmod 644 notes.txt # rw for owner, r for group and others
chown alice notes.txt # change the file's owner
Examples
Make a shell script executable so you can run it directly:
chmod +x deploy.sh
./deploy.sh
Lock down a private key so only you can read it:
chmod 600 ~/.ssh/id_rsa
ls -l ~/.ssh/id_rsa
Common Mistakes
- Using
chmod 777"to make it work" — this makes files world-writable and is a security risk - Confusing the octal digits: 4 = read, 2 = write, 1 = execute, added together
- Forgetting that a directory needs execute (
x) permission to be entered - Editing permissions on a file you don't own and getting "Operation not permitted"
- Mixing up
chmod(permissions) withchown(ownership)
See Also
command-line-files-and-directories command-line-shell-scripting