Linux file permissions can feel cryptic at first, but once you break them down, they’re not only simple — they’re powerful. Whether you're building systems, writing scripts, or deploying code, understanding how to control file access is a must-have skill. This guide will walk you through everything you need to know.
Why File Permissions Matter
Linux is a multi-user system. Proper permissions:
Keep your system secure
Prevent accidental or malicious changes
Allow collaboration without compromising safety
Understanding rwx and User Classes
Permissions are shown as:
-rwxr-xr--
Breakdown:
First char: - (file) or d (directory)
Next 3: rwx for User (owner)
Next 3: r-x for Group
Last 3: r-- for Others
User Classes
u = User (owner)
g = Group
o = Others
a = All (u+g+o)
Permission Types
r = Read
w = Write
x = Execute
-= No permission
Viewing File Permissions
Using ls
ls -l /etc/passwd
-rw-r--r-- 1 root root 2871 Aug 22 14:43 /etc/passwdUsing stat
stat /etc/shadow
Access: (0640/-rw-r-----) Uid: (0/root) Gid: (42/shadow)Modifying Permissions
Symbolic (Relative) Mode
chmod u+x file.txt # Add execute for user
chmod g-w file.txt # Remove write from group
chmod o-r file.txt # Remove read from others
chmod a+r file.txt # Add read for allOctal (Absolute) Mode
| User | Group | Other | Octal | Command | Meaning |
|---|---|---|---|---|---|
| rwx | rwx | rwx | 777 | chmod 777 file.txt |
Full permissions to everyone |
| rwx | r-x | r-x | 755 | chmod 755 file.txt |
Owner: all, Others: read/exec |
| rw- | r-- | r-- | 644 | chmod 644 file.txt |
Owner: read/write, rest: read |
Setting Permissions from Another File
chmod --reference=file1 file2Recursive Permissions
chmod -R u+rw,o-rwx mydir/Special Permissions
SUID (Set User ID)
Executes file with owner’s privileges.
chmod u+s file
chmod 4755 fileExample:
ls -l /usr/bin/umount
-rwsr-xr-x 1 root root 39144 /usr/bin/umountSGID (Set Group ID)
Runs with group’s privileges, or maintains group ownership in directories.
chmod g+s dir
chmod 2750 dirSticky Bit
Only file owner can delete their files in shared directories.
chmod +t dir
chmod 1777 dirExample:
ls -ld /tmp
drwxrwxrwt 10 root root 4096 /tmpUMASK: Default Permissions
View Current UMASK
umaskSet New UMASK
umask 0022How it Works
UMASK subtracts permissions from 666 (files) or 777 (dirs).
Ownership Commands
Change Owner
chown new_user fileChange Group
chgrp new_group fileChange Both
chown user:group fileRecursive Ownership Change
chown -R user:group dirBonus: File Attributes (Advanced Layer)
View Attributes
lsattr fileChange Attributes
sudo chattr +i file # Make file immutable
sudo chattr -i file # Make it editable againCheat Sheet Summary
chmod → change permissions
chown / chgrp → change ownership
umask → set default permissions
ls -l / stat → view permissions
+x, -w, a+r → symbolic changes
644, 755, 777 → octal changes
SUID, SGID, Sticky Bit → special bits
Conclusion
Linux permissions are a superpower once you understand the logic. Master these commands, practice regularly, and you’ll never get caught off-guard by a “Permission denied” again.
