Here’s the syntax for CHanging permissions or MODe — also known as chmod — for files and directories:
chmod [permissions] /path/to/file/or/directoryThe three possible users are:
- file owner
- group of authorized users
- everyone else (a.k.a. “the world”)
The possible actions (and associated binary values) are:
- 4: read
- 2: write
- 1: execute
Total the values for all actions a given user has permission to perform, for each of the three users. Use “0” to indicate no permissions.
Let’s say I have a directory /var/www/vhosts/my_website/tmp and I want to assign the following permissions to it:
- owner: read / write / execute (4 + 2 + 1 = 7)
- groups: read / execute (4 + 1 = 5)
- others: no permissions (0)
Here’s the command I’d run:
chmod 0750 /var/www/vhosts/my_website/tmpAdd the -R flag to apply these permissions recursively (i.e. to all files and directories inside):
chmod -R 0750 /var/www/vhosts/my_website/tmpIt’s a best practice to employ the principle of least privilege when assigning permissions so start closed and slowly open, avoiding “world writable” at all costs.