File permissions, ownership, octal notation & special modes
Linux / Command
# View permissions
ls -l file.txt
# -rwxr-xr-- 1 user group 1234 Jan 1 file.txt
# (first character is the file type; then three rwx triplets)
#  ╰owner╯╰group╯╰other╯
# Permission characters
r = read (4)
w = write (2)
x = execute (1)
- = none (0)
# chmod syntax
chmod [options] mode file
chmod 755 script.sh # octal
chmod u+x script.sh # symbolic
# Three digits: owner, group, other
# Each digit = sum of r(4) + w(2) + x(1)
chmod 777 file # rwxrwxrwx — full access (world-writable)
chmod 755 file # rwxr-xr-x — standard executable
chmod 644 file # rw-r--r-- — standard file
chmod 600 file # rw------- — private file
chmod 700 dir # rwx------ — private directory
chmod 666 file # rw-rw-rw- — everyone read/write (world-writable)
chmod 444 file # r--r--r-- — read only all
chmod 500 script # r-x------ — owner read+execute
# Who: u=owner, g=group, o=other, a=all
# Action: + = add, - = remove, = = set exactly
# Permission: r, w, x
chmod u+x file # add execute for owner
chmod g-w file # remove write for group
chmod o=r file # set other to read only
chmod a+r file # add read for everyone
chmod u+rwx,g+rx,o+r f # combined; yields 754 only if no other bits were already set (+ only adds) — u=rwx,g=rx,o=r sets exactly 754
chmod go-rwx file # remove all from group+other
# Recursive
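chmod -R 755 directory/ # also marks every regular file under it executable
chmod -R u+rwX dir/ # X = execute only for dirs (and files that already have an execute bit)
# Setuid (4) — run as file owner (Linux ignores setuid on interpreted scripts)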
chmod 4755 program # -rwsr-xr-x
chmod u+s program
# Setgid (2) — run as file group / inherit dir group
chmod 2755 dir # drwxr-sr-x
chmod g+s dir
# Sticky bit (1) — only a file's owner (or the directory's owner, or root) can delete or rename it in dir
chmod 1777 /tmp # drwxrwxrwt
chmod +t dir
# Change owner
chown user file.txt
chown user:group file.txt
chown :group file.txt # group only
chown -R user:group dir/ # recursive
# Change group
chgrp group file.txt
chgrp -R group dir/
# Octal Permissions Common Use
777 rwxrwxrwx full access (avoid!)
755 rwxr-xr-x executables, directories
750 rwxr-x--- programs (no other)
700 rwx------ private directory
644 rw-r--r-- regular files
640 rw-r----- config files
600 rw------- private files, SSH keys
400 r-------- read-only private
# Make script executable
chmod +x deploy.sh
# Secure SSH keys
chmod 600 ~/.ssh/id_ed25519
chmod 644 ~/.ssh/id_ed25519.pub
chmod 700 ~/.ssh/
# Web server files
find /var/www -type f -exec chmod 644 {} +
find /var/www -type d -exec chmod 755 {} +
# View numeric permissions
stat -c "%a %n" *