chmod & File Permissions Cheatsheet
A quick reference for Unix file permissions — numeric (octal) and symbolic modes, common permission patterns, and special bits.
Sections
Permission Bits
| Bit | Octal | Symbolic | Meaning |
|---|---|---|---|
Read | 4 | r | View file contents / list directory |
Write | 2 | w | Modify file / create & delete in directory |
Execute | 1 | x | Run as program / enter directory |
None | 0 | - | No permission |
Octal Notation
Three octal digits represent permissions for owner (u), group (g), and others (o). Each digit is the sum of read (4), write (2), execute (1).
| Octal | Permissions | Binary |
|---|---|---|
7 | rwx | 111 |
6 | rw- | 110 |
5 | r-x | 101 |
4 | r-- | 100 |
3 | -wx | 011 |
2 | -w- | 010 |
1 | --x | 001 |
0 | --- | 000 |
Common Permission Patterns
| Octal | Symbolic | Typical Use |
|---|---|---|
755 | rwxr-xr-x | Directories, executables — owner can write, others can read & execute |
644 | rw-r--r-- | Regular files — owner can write, others read-only |
600 | rw------- | Private files — SSH private keys, .env files |
700 | rwx------ | Private directories or executables |
777 | rwxrwxrwx | Fully open — avoid in production; only for temp dirs |
666 | rw-rw-rw- | Writable by everyone — avoid |
444 | r--r--r-- | Read-only for everyone |
400 | r-------- | Owner read-only — common for SSH private keys |
775 | rwxrwxr-x | Shared project dirs — owner & group can write |
664 | rw-rw-r-- | Shared files — owner & group can write |
Symbolic Mode
| Syntax | Example | Description |
|---|---|---|
u+x | chmod u+x file | Add execute for owner |
g-w | chmod g-w file | Remove write from group |
o=r | chmod o=r file | Set others to read-only (exactly) |
a+x | chmod a+x file | Add execute for all (owner, group, others) |
u=rwx,go=rx | chmod u=rwx,go=rx file | Owner full, group and others read+execute |
+x | chmod +x file | Add execute for all (shorthand for a+x) |
-R | chmod -R 755 dir/ | Apply recursively to directory and contents |
Special Bits
| Bit | Octal | Symbolic | Effect |
|---|---|---|---|
Setuid (SUID) | 4xxx | u+s | Execute as the file owner — e.g. chmod 4755 (rwsr-xr-x) |
Setgid (SGID) | 2xxx | g+s | Execute as the group owner; new files in dir inherit group |
Sticky bit | 1xxx | +t | Only owner can delete files in directory — e.g. /tmp (rwxrwxrwt) |
Viewing & Changing Permissions
| Command | Description |
|---|---|
ls -l | List files with permission strings (e.g. -rw-r--r--) |
stat file | Show detailed file info including octal permissions |
chmod 644 file | Set permissions using octal |
chmod u+x file | Set permissions using symbolic mode |
chmod -R 755 dir/ | Recursively set permissions on a directory |
chown user:group file | Change file owner and group |
chown -R user:group dir/ | Recursively change owner and group |
umask | Show default permission mask (subtracted from 666/777 on new files/dirs) |
umask 022 | Set umask — new files get 644, new dirs get 755 |