Where technology and gadgets come together and play

Understanding Linux File Permissions

By on in Linux

824 words, estimated reading time 4 minutes.

Introduction to Linux Series
  1. Linux Tips for Beginners
  2. Beginners guide to Reading and Finding Files in Linux
  3. Using Grep to Search for Text in Linux
  4. Understanding Linux File Permissions
  5. How to Archive, Compress and Extract files in Linux
  6. Linux Piping and Redirection
  7. Linux Hardlinks and Softlinks
  8. Basic Data Recovery in Linux
  9. Essential Guide to Working with Files in Linux
  10. Apache Administration on Linux
  11. MySql Administration on Linux

Linux File Permissions specify who can do what with files or directories and in this tutorial, we'll look at how to set Linux permissions on files and directories and how ownership works.

Linux File permissions specify three things you can do with a file - read, write and execute. They are referred to in Linux by a single letter code.

  • r - read - you may view the contents of the file.
  • w - write - you may change the contents of the file.
  • x - execute - you may execute or run the file if it is a program or script.

For every file, we define 3 sets of people for whom we may specify permissions.

  • owner - a single person who owns the file. (typically the person who created the file but ownership may be granted to some one else by certain users)
  • group - every file belongs to a single group.
  • others - everyone else who is not in the group or the owner.

Directory permissions are similar, they have the same letters but the meanings are slightly different.

  • r - you have the ability to read the contents of the directory (ie do an ls)
  • w - you have the ability to write into the directory (ie create files and directories)
  • x - you have the ability to enter that directory (ie cd)

You can view permissions using the ls command with long descriptions enabled.

ls -l
total 52
drwxr-xr-x 2 timmy timmy  4096 Jun 24 18:01 Desktop
drwxr-xr-x 2 timmy timmy  4096 Jul  8 21:08 Documents
drwxr-xr-x 2 timmy timmy 12288 Aug 17 17:48 Downloads
drwxr-xr-x 2 timmy timmy  4096 Sep  3  2016 Music
drwxr-xr-x 2 timmy timmy  4096 Aug 15 21:34 Pictures
drwxr-xr-x 2 timmy timmy  4096 Sep  3  2016 Public
drwxr-xr-x 3 timmy timmy  4096 May 14 16:38 Software
drwxr-xr-x 2 timmy timmy  4096 Sep  3  2016 Templates
drwxr-xr-x 2 timmy timmy  4096 May 21 21:49 Videos
drwx------ 2 timmy timmy  4096 May 28 11:28 VirtualBox VMs

On each line, we can see the file type (d in this example, for directory) followed by three sets of three letters. A hyphen is used when the permission is not set, so r-- means read only, rw- means read and write, rwx means read, write and execute. The permissions are listed for owner, group and others. Following those permissions, we can see the owner username and the group name.

Changing Permissions

To change Linux permissions on a file or directory we use a command called chmod which stands for change mode bits.

The command chmod has arguments

  • Who are we changing the permission for? [ugoa] - user (or owner), group, others, all
  • Are we granting or revoking the permission - indicated with either a plus ( + ) or minus ( - )
  • Which permission are we setting? - read ( r ), write ( w ) or execute ( x )


Here are a few examples commands for setting Linux file permissions.

Granting Execute permission on testfile

chmod +x testfile

Removing Write and Execute permissions from testfile

chmod –wx testfile

You'll notice that this only changes the permissions for the owner of the file, not the group or others. To change group or others permissions you have to specify (g)roup or (o)thers on the permission flag.

Set the write permission to the group on testfile

chmod g+w testfile

Remove the write and execite permission from the group on testfile

chmod g-wx testfile

Set the write permission for the others

chmod o+w testfile

Remove the read, write and execute permissions from others

chmod o-rwx workfolder

Changing Ownership

Another helpful command is changing ownerships of files and directories. The command is "chown" along with "name of new owner" & "name of file."

chown timmy testfile

We can also combine change group and ownership command by:

chown timmy:users testfile

You can also use the -R flag to change ownership and permissions recursivly.

Shorthand Permissions

The method outlined above isn't hard for setting permissions, but it can be a little tedious if there are lots of permissions to set. There are shorthand codes which you can use to speed up the process. The codes are based on a decimal number, which is converted to binary. Let's see how these the shorthand permission numbers work.

00 0 0---
10 0 1--x
20 1 0-w-
30 1 1-wx
41 0 0r--
51 0 1r-x
61 1 0rw-
71 1 1rwx

These octal numbers can be combined in three to form owner, group and others, so a shorthand permission of 700 will give read, write, and execute permission for the user, but nothing to everyone else. A value of 327 will give write and execute (3) permission for the user, w (2) for the group, and read, write, and execute for other users. A value of 777 will grant read, write and execute for owner, group and others and is generally regarded as unsafe.

Some common file permission combinations include

  • 644 - readable and writeable by the owner of the file and readable by users in the group owner of that file and readable by everyone else.
  • 755 - used for directories and is the same thing as 644, however it has the execute bit set for everyone. The execute bit is needed to be able to change into the directory.

Finally, here is a handy Linux Permissions calculator. Simply tick the boxes to set permissions and the correct octal number will be shown in the text boxes.


Last updated on: Tuesday 12th December 2017



Have a question or suggestion? Please leave a comment to start the discussion.


Leave a Reply

Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

Your email address will not be published.