Chapter 47: Bash Modify (chmod)
Bash Modify (chmod)
chmod = change mode
This is the most important command for controlling file & folder permissions in Linux/Bash. After we learned what permissions look like (ls -l showing rwxr-xr-x), and who owns what (ownership with chown), now we learn how to actually change those rwx rules whenever we want.
Without chmod, scripts won’t run, folders can’t be entered, files can’t be edited, web servers can’t serve pages — basically everything breaks. So let’s treat chmod like your magic wand — you’ll use it every single day once you get comfortable.
Two Ways to Use chmod (Both Are Important)
- Symbolic mode → using letters like u+x, g-w, a=r (easier to read & remember for beginners)
- Numeric (octal) mode → using numbers like 755, 644, 700 (faster once you memorize, very common in scripts & tutorials)
We’ll learn both — most people start with symbolic, then switch to numeric.
First: Quick Reminder of Permission Letters & Numbers
| Permission | For files | For folders | Letter | Octal value |
|---|---|---|---|---|
| read | Can view/cat/open | Can ls (see contents) | r | 4 |
| write | Can edit/change/delete | Can create/delete/rename inside | w | 2 |
| execute | Can run as script/program | Can cd into the folder | x | 1 |
Three groups:
- u = user/owner
- g = group
- o = others (everyone else)
- a = all (u+g+o)
1. Symbolic Mode (Letters – Very Human-Friendly)
Basic pattern:
|
0 1 2 3 4 5 6 |
chmod [who][operator][permissions] file_or_folder |
- who: u, g, o, a
- operator: + (add), – (remove), = (set exactly)
- permissions: r, w, x (or combinations)
Examples you’ll use every day:
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
# Make a script executable (most common!) chmod +x hello.sh # same as: chmod u+x hello.sh # Add execute for everyone chmod a+x myscript.sh # Remove write permission from group & others chmod go-w report.pdf # Give owner full access, group read+execute, others nothing chmod u=rwx,g=rx,o= private_folder/ # Set exactly (overwrites previous) chmod u=rw,g=r,o=r config.conf # → rw-r--r-- # Add read+write to group chmod g+rw team_shared.txt |
Real quick practice:
|
0 1 2 3 4 5 6 7 8 9 10 |
touch test.sh chmod +x test.sh ls -l test.sh # should show -rwxr-xr-x or similar chmod go-rwx test.sh # now only owner can do anything ls -l test.sh # → -rwx------ |
2. Numeric (Octal) Mode – The Fast & Professional Way
Each group gets a number 0–7:
- 7 = rwx (4+2+1)
- 6 = rw- (4+2)
- 5 = r-x (4+1)
- 4 = r–
- 0 = —
Order: owner → group → others
Most famous ones:
| Number | Permissions | Looks like | Typical use case |
|---|---|---|---|
| 755 | rwxr-xr-x | Owner full, others run/read | Scripts, binaries, most public folders |
| 644 | rw-r–r– | Owner edit, everyone read | Normal files, configs, html/php |
| 700 | rwx—— | Only owner full | Private folders (~/.ssh, keys) |
| 600 | rw——- | Only owner read/write | Private keys (.pem, .env, passwords) |
| 775 | rwxrwxr-x | Owner+group full, others read/run | Shared team folders |
| 666 | rw-rw-rw- | Everyone read/write | Rare – dangerous, only temp shared files |
Examples:
|
0 1 2 3 4 5 6 7 8 9 10 |
chmod 755 hello.sh # make script runnable chmod 644 index.html # web file chmod 700 ~/.ssh # secure ssh folder chmod 600 ~/.ssh/id_rsa # secure private key chmod 775 ~/team_project/ # team can edit |
3. Recursive (-R) – Change Folder + Everything Inside
Super common – don’t forget the capital -R!
|
0 1 2 3 4 5 6 7 8 |
chmod -R 755 /var/www/html/ # web server needs this chmod -R 644 ~/Documents/notes/ # make all files read-only for others chmod -R u+x ~/scripts/ # make all scripts executable |
Warning: Be very careful with -R on important system folders — one wrong chmod can break your computer!
4. Real-Life Examples from Hyderabad Developer Life
Fix “Permission denied” on script
|
0 1 2 3 4 5 6 7 8 9 10 11 |
bash: ./run.sh: Permission denied → chmod +x run.sh # or chmod 755 run.sh ./run.sh |
Secure your .env file
|
0 1 2 3 4 5 6 7 |
chmod 600 .env # now only you can read it |
Fix website not loading / writable issue
|
0 1 2 3 4 5 6 7 8 9 |
sudo chown -R www-data:www-data /var/www/my-site/ sudo chmod -R 755 /var/www/my-site/ # or for uploads folder: sudo chmod -R 775 /var/www/my-site/uploads/ |
Make shared folder for friends
|
0 1 2 3 4 5 6 7 8 |
mkdir ~/project_shared chown -R :friends ~/project_shared chmod -R 775 ~/project_shared |
Quick Practice Right Now (5 Minutes!)
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# Create test files touch script.sh config.txt mkdir private_folder # Make script executable chmod +x script.sh ls -l script.sh # Secure config chmod 600 config.txt ls -l config.txt # Private folder chmod 700 private_folder ls -ld private_folder # Try numeric chmod 644 config.txt ls -l config.txt # rw-r--r-- # Recursive example touch private_folder/secret.txt chmod -R 600 private_folder/ ls -l private_folder/secret.txt |
Summary Table – chmod Cheat Sheet
| Goal | Symbolic Example | Numeric Example | When to use |
|---|---|---|---|
| Make script runnable | chmod +x file.sh | chmod 755 | Every script! |
| Normal file (read by all) | chmod u=rw,go=r file.txt | chmod 644 | Docs, code, html |
| Private key / secret | chmod u=rw,go= file.key | chmod 600 | .env, ssh keys |
| Private folder | chmod u=rwx,go= folder/ | chmod 700 | ~/.ssh, secrets |
| Shared team folder | chmod ug=rwx,o=rx folder/ | chmod 775 | Team projects |
| Recursive on whole directory | chmod -R +x scripts/ | chmod -R 755 | Servers, backups |
Got the magic wand now? chmod is how you tell Linux “who can do what with this file/folder” — use it carefully, check with ls -l after every change.
Any part confusing? Want next: “Teacher, explain umask (default permissions when creating files)” or “what happens with setuid/setgid/sticky bit” or “chmod in scripts & cron”?
Just say — teacher is ready in Hyderabad! Keep chmod-ing and ls -l-ing every day! 🐧🔧🔐 😄
