Frequently Asked Question

What do the permission bits in 'ls -l' mean, and how does chmod work?

The ten-character string at the start of ls -l output, for example -rwxr-xr--, describes a file's type and permissions. The first character is the file type. The next nine are three triples of read/write/execute bits, for the owner, the group, and everyone else. For directories, the same bits mean something slightly different: read is the right to list the directory, write is the right to add or remove entries, and execute is the right to traverse it (use it as part of a path).

chmod changes those bits. The symbolic form chmod u+x script.sh adds execute for the owner; chmod go-w secret removes write for group and others. The numeric form treats each triple as an octal digit: read is 4, write is 2, execute is 1, so chmod 755 script.sh means rwxr-xr-x and chmod 644 notes.md means rw-r--r--. Two extra positions hold the setuid, setgid and sticky bits, which appear as s or t and change ownership or deletion behaviour in ways worth a separate chapter.