Master Linux File Permissions: From chmod to umask Explained

Permissions are crucial in operating systems such as Windows and Linux; they determine what actions a user can perform on files and directories. In Linux, permission bits differ for files and directories and include special bits.

Permission Bits

Each entry like dr-xr-xr-x. consists of 10 characters: the first indicates the file type (d for directory), followed by three groups of three characters representing owner, group, and other permissions respectively.

First three characters (rwx) – owner permissions

Second three characters – group permissions

Third three characters – other users' permissions

The characters r, w, and x mean:

r – read permission

w – write permission

x – execute permission

For files, r allows reading (e.g., cat), w allows modifying or deleting, and x allows execution. For directories, r permits listing contents, w permits creating or deleting entries (requires x), and x permits entering the directory.

Octal Representation

Each set of three bits can be expressed as an octal digit:

rwx 111 7
--x 001 1
-w- 010 2
-wx 011 3
r-- 100 4
r-x 101 5
rw- 110 6
rwx 111 7

Thus, the root directory shown as dr-xr-xr-x. corresponds to octal 555.

Changing Permissions with chmod

The chmod command modifies permissions. Only root can change any file; other users can modify files they own.

Four forms of chmod usage:

Symbolic assignment ( =) – directly set permissions.

Symbolic addition/subtraction ( + / -) – grant or revoke specific bits.

Octal mode – specify permissions as a three‑digit number (e.g., chmod 777 file).

Reference mode – copy permissions from another file ( chmod --reference=RFILE FILE).

Examples: #chmod u=rx /etc/passwd Sets owner permissions to read and execute. #chmod g-w /etc/passwd Removes write permission from the group. #chmod 777 /etc/passwd Gives read, write, and execute to everyone. #chmod --reference=/etc/inittab /etc/passwd Copies permissions from /etc/inittab to /etc/passwd.

Changing Owner and Group with chown and chgrp

chown

changes file owner and group. Root can change any file; regular users can only change files they own. #chown user1:group1 /etc/passwd Sets owner to user1 and group to group1.

Using a reference file: #chown --reference=/etc/inittab /etc/passwd Copies owner and group from the reference file. chgrp changes only the group: #chgrp magedu /testdir/magedu.txt Sets the group to magedu.

Default Permissions and umask

When creating files or directories, Linux applies a default permission (666 for files, 777 for directories) then subtracts the umask value. The umask is defined in /etc/bashrc and varies by user (e.g., 022 for root, 002 for regular users).

Example calculation for root (umask 022):

# umask
0022
# touch umask.txt
# ls -l umask.txt
-rw-r--r-- 1 root root 0 Jul 25 umask.txt

File permissions: 666 – 022 = 644.

For a regular user with umask 002:

# umask
0002
# touch umask.txt
# ls -l umask.txt
-rw-rw-r-- 1 user user 0 Jul 25 umask.txt

File permissions: 666 – 002 = 664.

Changing umask at the command line (e.g., umask 002) or permanently via umask -p and adding it to shell configuration files affects subsequent file creation.