chmod is short for change mode. It is the linux command used to change file permissions.
The basic format of the command is like this:
chmod <i>options</i> <i>permissions</i> <i>filename</i>
There are a number of options, but one of the more frequently used ones is -R, for recursive. But be sure to use that with caution, or you could end up messing things up pretty badly. Don’t use it unless you know you’re in the right place, and that you need to affect the entire directory tree from where you are.
The permissions are the most important thing to understand.
There are three parts to file permissions. The Owner, the Group, and Others
chmod 777 filename will give all permissions to everyone – don’t do this! It may make your permission problem go away, but that would be like leaving the vault door open because it’s easier than putting your passcode in to open it!
The first digit sets the permission for the file owner.
The second digit sets the permission for the group.
The third digit sets the permission for others. (Think world here – strangers, people who should not necessarily have access)
If I have file on my server called foo.txt, let’s look at three different ways I might secure it.
chmod 660 foo.txt
This would mean that I as the owner could read and write the file, the group could do the same, and the public (in the case of a webserver) could not access the file at all.
chmod 664 foo.txt
This would mean that I and the group could read and write as before, but now the world can also read.
chmod 644 foo.txt
This would mean that I could read and write, the group can only read, and the public can only read.
So how do the numbers work?
It’s simple actually:
4 = read
2 = write
1 = execute
0 = no permission
So, if I want to read and write, I add 4 + 2 = 6. If I want to write and execute, it’s 2 + 1 = 3, and to read, write, and execute, it’s 4 + 2 + 1 = 7. (That’s why 777 is bad – you are allowing reading, writing, and executing to the public!)
Of course, all this requires that you understand the difference between owner, group, and other, but that will be covered in a different post.