File Permissions in Linux (chmod, chown, chgrp) – Complete Tutorial

File permissions are essential in Linux to ensure security and proper access control. In this tutorial, we’ll cover file permissions, and how to modify them using the chmod, chown, and chgrp commands.

1. Understanding File Permissions in Linux

Each file and directory in Linux has three types of access permissions:

• Read (r) → Allows reading the file or listing the directory contents.
• Write (w) → Allows modifying the file or adding/removing files from a directory.
• Execute (x) → Allows executing the file as a program/script or accessing a directory.

1.1 File Permission Representation

Each file has three sets of permissions:

Example: Checking File Permissions

ls -l file.txt

Output:

-rw-r--r--  1 user group 1234 Feb 28 10:00 file.txt

1.2 Breaking Down the Output

-rw-r--r--  1 user group 1234 Feb 28 10:00 file.txt

• - → Regular file (d for directory, l for symbolic link)
• rw- → User (owner) has read (r) and write (w) permissions
• r-- → Group has read-only permission
• r-- → Others have read-only permission

2. Changing File Permissions with chmod

The chmod command changes file permissions in two ways:

1. Symbolic Mode (u, g, o, a with +, -, =)
2. Numeric Mode (Octal values: r=4, w=2, x=1)

2.1 Using Symbolic Mode

chmod u+x file.sh  # Give execute permission to the user
chmod g-w file.txt  # Remove write permission from the group
chmod o+r file.txt  # Give read permission to others
chmod a+x script.sh  # Give execute permission to everyone

2.2 Using Numeric (Octal) Mode

Each permission is assigned a number:

• Read (r) = 4
• Write (w) = 2
• Execute (x) = 1
• No permission = 0

To calculate permissions, add up the values:

Example Commands:

chmod 755 file.sh  # User (rwx), Group (r-x), Others (r-x)
chmod 644 file.txt  # User (rw-), Group (r--), Others (r--)
chmod 700 secret.txt  # User (rwx), Group (---), Others (---)

3. Changing File Ownership with chown

The chown command changes the owner of a file.

3.1 Changing Owner

chown newuser file.txt  # Change owner to 'newuser'

3.2 Changing Owner and Group

chown newuser:newgroup file.txt  # Change owner to 'newuser' and group to 'newgroup'

3.3 Changing Ownership for Multiple Files

chown -R newuser:newgroup /directory  # Change ownership recursively

4. Changing Group Ownership with chgrp

The chgrp command changes the group ownership of a file.

4.1 Changing Group

chgrp newgroup file.txt  # Change group to 'newgroup'

4.2 Changing Group for Multiple Files

chgrp -R newgroup /directory  # Change group recursively

5. Special Permissions (SUID, SGID, Sticky Bit)

5.1 Set User ID (SUID)

• When set, the file runs with the permissions of the owner instead of the user executing it.
• Commonly used for system commands (e.g., passwd).

Command:

chmod u+s script.sh  # Set SUID
ls -l script.sh

Output:

-rwsr-xr-x  1 root users 1234 Feb 28 10:00 script.sh

(Notice the s in place of x for the user)

5.2 Set Group ID (SGID)

• When applied to a directory, all new files inherit the group of the directory.
• Used for shared group access.

Command:

chmod g+s directory/

Output (ls -ld directory/):

drwxr-sr-x  2 user group 4096 Feb 28 10:00 directory/

5.3 Sticky Bit

• Applied to directories to prevent deletion of files by non-owners.
• Commonly used in /tmp.

Command:

chmod +t /tmp
ls -ld /tmp

Output:

drwxrwxrwt  2 root root 4096 Feb 28 10:00 /tmp

(The t at the end indicates the sticky bit)

6. Practical Examples

6.1 Secure a File

Only the owner should have full access:

chmod 700 private.txt

6.2 Make a Script Executable

chmod +x script.sh

6.3 Allow Group Collaboration on a Directory

chown :developers shared_folder/
chmod 2775 shared_folder/

• 2 sets SGID so all new files inherit the group.

6.4 Recursively Change Ownership

chown -R user:group /project_directory/

7. Summary of Commands

Conclusion

Understanding file permissions is crucial for system security and multi-user management. Using chmod, chown, and chgrp, you can efficiently manage access control in Linux.