What command would I use to change the permissions of a file?

To change the mode of a file, use the chmod command. The general form is

      chmod X@Y file1 file2 ...

where: X is any combination of the letters `u’ (for owner), `g’ (for group), `o’ (for others), `a’ (for all; that is, for `ugo’); @ is either `+’ to add permissions, `-‘ to remove permissions, or `=’ to assign permissions absolutely; and Y is any combination of `r’, `w’, `x’. Following are some examples:

     chmod u=rx file        (Give the owner rx permissions, not w)
     chmod go-rwx file      (Deny rwx permission for group, others)
     chmod g+w file         (Give write permission to the group)
     chmod a+x file1 file2  (Give execute permission to everybody)
     chmod g+rx,o+x file    (OK to combine like this with a comma)

Each permission is assigned a value, as the following table shows, and the total of each set of permissions provides a number for that set.

Number Octal Permission Representation Ref
0 No permission
1 Execute permission –x
2 Write permission -w-
3 Execute and write permission: 1 (execute) + 2 (write) = 3 -wx
4 Read permission r–
5 Read and execute permission: 4 (read) + 1 (execute) = 5 r-x
6 Read and write permission: 4 (read) + 2 (write) = 6 rw-
7 All permissions: 4 (read) + 2 (write) + 1 (execute) = 7 rwx

$ ls -l /usr/bin/passwd
-r-sr-xr-x  1   root   bin  19031 Feb 7 13:47  /usr/bin/passwd*

Which shows that the SUID bit is set and that the command is owned by the root. A capital letter S in the execute position instead of a lowercase s indicates that the execute bit is not set.

If the sticky bit is enabled on the directory, files can only be removed if you are one of the following users:

  • The owner of the sticky directory
  • The owner of the file being removed
  • The super user, root

To set the SUID and SGID bits for any directory try the following:

$ chmod ug+s dirname
$ ls -l
drwsr-sr-x 2 root root  4096 Jun 19 06:45 dirname