chmod is an abbreviation of change mode (source: wiki/Chmod).
It is used to manage permissions in unix-like operating systems.
Groups & Permissions
Let’s take the example of a file.
There is three kind of permissions for a file: read (r), write (w) or execute (x).
Those permissions can be attributed to different group of users.
There is three sort of group classes: user (u), group (g), others (o).
- user: file owner
- group: the group owning the file
- others: users not owner and not in the group owning the file.
Each group can have all three permissions (rwx), a combination of two (rw-, r-x, -wx), one (r–, -w-, –x) or nothing at all (—).
Permissions are listed in the following order: user > group > others (ugo).
Note: thinking about the name “Hugo” might be a nice trick to help you memorizing the order.
zsh> touch my_file
zsh> ls -l my_file
-rw-r--r-- my_file # default permissions
Edit permissions
To add permissions:
zsh> chmod +rwx my_file
zsh> ls -l my_file
-rwxr-xr-x my_file
The aforementioned line will add (+) the read (r), write (w) and execute (x) permissions for all classes.
Note: the group and others classes won’t receive the write permission. You will have to set it up specifically.
To remove permissions:
zsh> chmod -x my_file
-rw-r--r-- my_file
The aforementioned line will remove (-) the execute (x) permission for all classes.
To target specific classes:
zsh> chmod ugo+wr my_file # grant read/write access to all
-rw-rw-rw- my_file
Numerical permissions
Permissions can be represented via numbers:
* (r) is associated with (4);
* (w) with (2);
* and (x) with (1).
They can therefore be added e.g. (7) will grant (rwx) i.e. (4+2+1) permissions to the targeted class.
Thus, you can define permissions in the following way:
zsh> chmod 754 my_file
zsh> ls -l my_file
-rwxr-xr-- my_file
To revoke all permissions:
zsh> chmod 000 my_file
zsh> ls -l my_file
---------- my_file