Dev ToolboxSnippets › Linux chmod

Linux chmod Command Examples

chmod (change mode) sets the read, write, and execute permissions for files and directories. You can use numeric (octal) notation for precision or symbolic notation for readability. Understanding chmod is fundamental for Linux system administration and secure file management.

LinuxchmodPermissionsCLI
Numeric (Octal) Mode
Set permissions 644 (files)
chmod 644 filename.txt
644 means: owner can read+write (6), group can read (4), others can read (4). This is the standard permission for regular files — readable by everyone, writable only by the owner. Use for web server content, config files, and documents.
Set permissions 755 (directories/executables)
chmod 755 script.sh
755 means: owner can read+write+execute (7), group can read+execute (5), others can read+execute (5). This is the standard permission for directories and executable scripts — everyone can run/traverse them, only owner can modify.
Set permissions 700 (private)
chmod 700 ~/.ssh
700 gives full access to the owner only; group and others have no access. Required for the ~/.ssh directory by SSH — if permissions are too open, SSH will refuse to use your keys and show a "permissions too open" error.
Set permissions 600 (private file)
chmod 600 ~/.ssh/id_rsa
600 allows owner to read and write; no access for group or others. Required for SSH private key files. If a private key has looser permissions, SSH will reject it with a warning about being too permissive.
Symbolic Mode
Add execute permission for the owner
chmod u+x script.sh
Symbolic mode uses u (user/owner), g (group), o (others), a (all). Operators: + (add), - (remove), = (set exactly). This adds execute permission only for the owner without changing other permissions.
Add execute for all users
chmod a+x script.sh
The a target applies the change to all three classes (user, group, others) simultaneously. This makes the file executable by everyone on the system — commonly used for public utility scripts.
Remove write permission from group and others
chmod go-w filename.txt
You can combine target characters: go means group and others. This removes write permission from both simultaneously. Useful for hardening config files that were accidentally made world-writable.
Recursive & Bulk
Set permissions recursively on a directory
chmod -R 755 /var/www/html/
The -R flag applies the permission change recursively to all files and subdirectories. Use with caution — this sets the same permissions on both files and directories, which is often incorrect (files shouldn't be executable by default).
Set 644 on files only (with find)
find /var/www -type f -exec chmod 644 {} \;
A safer pattern than chmod -R: uses find to target only regular files. Combine with a second find command for directories to set different permissions for each type — 644 for files, 755 for directories.
Set 755 on directories only (with find)
find /var/www -type d -exec chmod 755 {} \;
Targets only directories. Run this together with the previous snippet to correctly set a web directory to the standard 644/755 split: files are readable but not executable, directories are traversable.

How to Use

  1. Use ls -la to view current permissions before changing them.
  2. For numeric mode: each digit is owner/group/others; values are r=4, w=2, x=1.
  3. For symbolic mode: combine u/g/o/a with +/-/= and r/w/x.
  4. Use find with -exec instead of chmod -R to set different permissions for files vs. directories.
  5. Use the chmod Calculator tool to convert between numeric and symbolic modes visually.

Frequently Asked Questions

What do the three permission digits represent?

The three digits in numeric mode represent: owner, group, and others (world). Each digit is the sum of: read (4) + write (2) + execute (1). So 7 = rwx, 6 = rw-, 5 = r-x, 4 = r--. For example, 755 = rwxr-xr-x.

What is the difference between chmod and chown?

chmod changes the permission bits (what users can do with a file). chown changes the ownership of a file (which user and group own it). Both together control file access: ownership determines which user/group the permission bits apply to.

Why shouldn't I use chmod 777?

chmod 777 gives read, write, and execute permission to everyone on the system, including malicious users. It is especially dangerous for web-accessible files and directories. Always use the minimum permissions necessary: 644 for files, 755 for directories, 600 for private keys.

Related Tools

Chmod Calculator Linux find Examples Linux ps Examples