Chapter 4. User, Group and Permission

Chmod Command with Numbers

Chmod Command with Numbers
Tag:
course iconBack to the course page

To manage the many combinations and define the access mode of each file or directory in a more efficient way, the assigned numbers are also used for the access mode setting. The numbers are assigned for each permission as shown below.

  • r : 4
  • w : 2
  • x : 1
  • - : 0

Using the sum of all numbers, you can represent all access modes with a single digit for one user type. To cover the three user types, you need only three digits. Here are some examples.

755 : typical access mode when the superuser creates a directory

  • Owner User : rwx
  • Owner Group : r-x
  • Others : r-x

775 : typical access mode when a normal user creates a directory

  • Owner User : rwx
  • Owner Group : rwx
  • Others : r-x

644 : typical access mode when the superuser creates a file

  • Owner User : rw-
  • Owner Group : r--
  • Others : r--

664 : typical access mode when a normal user creates a file

  • Owner User : rw-
  • Owner Group : rw-
  • Others : r--

700 : typical .ssh directory permission

  • Owner User : rwx
  • Owner Group : ---
  • Others : ---

600 : typical ssh private key permission

  • Owner User : rw-
  • Owner Group : ---
  • Others : ---

Practice

1. Confirm the initial permission setting when creating new documents

To check the initial permission, create four types of documents:

  • one directory created by a normal user (dir_ubuntu)
  • one file created by a normal user (file_ubuntu)
  • one directory created by the superuser (dir_root)
  • one file created by the superuser (file_root)

To create the documents, run the commands below.

Command Line - INPUT
mkdir dir_ubuntu
touch file_ubuntu
sudo su

mkdir dir_root
touch file_root

Run the ls -l command to see the permission of each document. You can see that the initial permission settings are the same as the ones explained in this section.

Command Line - INPUT
ls -l
Command Line - RESPONSE
drwxr-xr-x 2 root   root   4096 Jan  3 01:36 dir_root
drwxrwxr-x 2 ubuntu ubuntu 4096 Jan  3 01:37 dir_ubuntu
-rw-r--r-- 1 root   root      0 Jan  3 01:36 file_root
-rw-rw-r-- 1 ubuntu ubuntu    0 Jan  3 01:37 file_ubuntu

2. Change access mode using numbers

To change the access mode of dir_ubuntu to 700 and file_ubuntu to 600, run the command below.

Command Line - INPUT
chmod 700 dir_ubuntu
chmod 600 file_ubuntu
Command Line - INPUT
ls -l
Command Line - RESPONSE
drwxr-xr-x 2 root   root   4096 Jan  3 01:36 dir_root
drwx------ 2 ubuntu ubuntu 4096 Jan  3 01:37 dir_ubuntu
-rw-r--r-- 1 root   root      0 Jan  3 01:36 file_root
-rw------- 1 ubuntu ubuntu    0 Jan  3 01:37 file_ubuntu

To manage the many combinations and define the access mode of each file or directory in a more efficient way, the assigned numbers are also used for the access mode setting. The numbers are assigned for each permission as shown below.

  • r : 4
  • w : 2
  • x : 1
  • - : 0

Using the sum of all numbers, you can represent all access modes with a single digit for one user type. To cover the three user types, you need only three digits. Here are some examples.

755 : typical access mode when the superuser creates a directory

  • Owner User : rwx
  • Owner Group : r-x
  • Others : r-x

775 : typical access mode when a normal user creates a directory

  • Owner User : rwx
  • Owner Group : rwx
  • Others : r-x

644 : typical access mode when the superuser creates a file

  • Owner User : rw-
  • Owner Group : r--
  • Others : r--

664 : typical access mode when a normal user creates a file

  • Owner User : rw-
  • Owner Group : rw-
  • Others : r--

700 : typical .ssh directory permission

  • Owner User : rwx
  • Owner Group : ---
  • Others : ---

600 : typical ssh private key permission

  • Owner User : rw-
  • Owner Group : ---
  • Others : ---

Practice

1. Confirm the initial permission setting when creating new documents

To check the initial permission, create four types of documents:

  • one directory created by a normal user (dir_ubuntu)
  • one file created by a normal user (file_ubuntu)
  • one directory created by the superuser (dir_root)
  • one file created by the superuser (file_root)

To create the documents, run the commands below.

Command Line - INPUT
mkdir dir_ubuntu
touch file_ubuntu
sudo su

mkdir dir_root
touch file_root

Run the ls -l command to see the permission of each document. You can see that the initial permission settings are the same as the ones explained in this section.

Command Line - INPUT
ls -l
Command Line - RESPONSE
drwxr-xr-x 2 root   root   4096 Jan  3 01:36 dir_root
drwxrwxr-x 2 ubuntu ubuntu 4096 Jan  3 01:37 dir_ubuntu
-rw-r--r-- 1 root   root      0 Jan  3 01:36 file_root
-rw-rw-r-- 1 ubuntu ubuntu    0 Jan  3 01:37 file_ubuntu

2. Change access mode using numbers

To change the access mode of dir_ubuntu to 700 and file_ubuntu to 600, run the command below.

Command Line - INPUT
chmod 700 dir_ubuntu
chmod 600 file_ubuntu
Command Line - INPUT
ls -l
Command Line - RESPONSE
drwxr-xr-x 2 root   root   4096 Jan  3 01:36 dir_root
drwx------ 2 ubuntu ubuntu 4096 Jan  3 01:37 dir_ubuntu
-rw-r--r-- 1 root   root      0 Jan  3 01:36 file_root
-rw------- 1 ubuntu ubuntu    0 Jan  3 01:37 file_ubuntu
Tag:
course iconBack to the course page
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share
check recently viewed topics (history)
history
check bookmarked topics
Library
give rating and feedback
rating
share a URL via email or chat app
Share