u - owner g - group o - others a - all r - read w - write x - execute Using stat on a file, you'll find something similar to this: 0771 (-rwx rwx --x) ^^^ ^^^ ^^^ | | | | | \_ others | | | \_ group | \_ owner (the first - means that it's a file, e.g. d would be a directory)
7 = 4+2+1 (read/write/execute) 6 = 4+2 (read/write) 5 = 4+1 (read/execute) 4 = 4 (read) 3 = 2+1 (write/execute) 2 = 2 (write) 1 = 1 (execute)
chmod 400 mydoc.txt - read only by owner
chmod 020 mydoc.txt - write only by group
chmod 002 mydoc.txt - write only by others
chmod 001 mydoc.txt - execute only by others
chmod 770 mydoc.txt - rwx only by owner and group
chmod 755 mydoc.txt - rwx only by owner. group and others can read and execute
You can use this to change a specific type of user's permissions.
Using + or - you can set or remove permissions, respectively
chmod u+r mydoc.txt - add read perms to owner
chmod o+r mydoc.txt - add read perms to others
chmod g+x mydoc.txt - add execute perms to group
chmod o-rw mydoc.txt - remove read and write perms from others
chmod u+rw mydoc.txt - add read and write perms to owner
chmod ug+rw mydoc.txt - add read and write perms to owner and group
chmod a+rwx mydoc.txt - add read, write and execute perms to everyone (777) (a can be omitted)
note that by using only a single type of user, the other types remain the same as they were:
e.g. chmod g+x to a file with 0761 (-rwxrw---x) would become 0771 (-rwxrwx--x)
When working with permissions and groups, you'll need more than just chmod and stat.
Use chgrp to change the group of a file. Example: $ chgrp group mydoc.txt
Use chown to change the group and/or owner of a file. Example: $ chown user mydoc.txt or $ chown user:group mydoc.txt
Use usermod to add an user to a group. Example: $ usermod -a -G group user
Use gpasswd to remove an user from a group. Example: $ gpasswd -d user group