Every file in the Linux / macOS Operating Systems (and UNIX systems in general) has 3 permissions: Read, write, execute.
Go into a folder, and run the
ls -al command.
The weird strings you see on each file line, like
drwxr-xr-x, define the permissions of the file or folder.
Let’s dissect it.
The first letter indicates the type of file:
-means it’s a normal file
dmeans it’s a directory
lmeans it’s a link
Then you have 3 sets of values:
- The first set represents the permissions of the owner of the file
- The second set represents the permissions of the members of the group the file is associated to
- The third set represents the permissions of the everyone else
Those sets are composed by 3 values.
rwx means that specific persona has read, write and execution access. Anything that is removed is swapped with a
-, which lets you form various combinations of values and relative permissions:
r-x, and so on.
You can change the permissions given to a file using the
chmod can be used in 2 ways. The first is using symbolic arguments, the second is using numeric arguments. Let’s start with symbols first, which is more intuitive.
chmod followed by a space, and a letter:
astands for all
ustands for user
gstands for group
ostands for others
Then you type either
- to add a permission, or to remove it. Then you enter one or more permissions symbols (
All followed by the file or folder name.
Here are some examples:
chmod a+r filename #everyone can now read chmod a+rw filename #everyone can now read and write chmod o-rwx filename #others (not the owner, not in the same group of the file) cannot read, write or execute the file
You can apply the same permissions to multiple personas by adding multiple letters before the
chmod og-r filename #other and group can't read any more
In case you are editing a folder, you can apply the permissions to every file contained in that folder using the
-r (recursive) flag.
Numeric arguments are faster but I find them hard to remember when you are not using them day to day. You use a digit that represents the permissions of the persona. This number value can be a maximum of 7, and it’s calculated in this way:
1if has execution permission
2if has write permission
4if has read permission
This gives us 4 combinations:
3can write, execute
5can read, execute
6can read, write
7can read, write and execute
We use them in pairs of 3, to set the permissions of all the 3 groups altogether:
chmod 777 filename chmod 755 filename chmod 644 filename
chmodcommand works on Linux, macOS, WSL, and anywhere you have a UNIX environment