10.3 Changing Permissions From the Command Line
10.3.3 Octal (absolute) mode
Octal mode provides a quick numeric means of changing permissions for all categories of users simultaneously while still allowing each set of permissions to be different. This mode is also referred to as absolute since the permissions you apply will explicitly replace the existing ones. As previously discussed, there are three sets of permissions, one set for each category of users (User, Group, and Other). There are three possible permissions for each set (r, w and x): Each set of permissions for a category of users can be assigned a numeric value (from 0 to 7) depending on which permissions are allowed. The mode is referred to as octal since there are eight possible values for each set of permissions.

By associating each of the three positions (permission types) with a power of two, we can represent each one of them with a number. By adding up the numbers we can get a total that represent all three permissions for that category of user (User, Group, and Other). Figure shows how this is accomplished using the first set of permissions (user) as an example. In this example, the user has Read (r), Write (w) and Execute (x) permissions. If the permission is allowed, we count the value in the total; if not, then it is not counted.

As can be seen in Figure , each set of three permissions can be represented by one number from 0 to 7 by adding up the values of the three positions. After adding the position values, associate/assign that value with the category of user (user/group/other). So, a 7 would be associated with the user group as shown in Figure . Next, you could move on to 'group,' add up its values and assign that number to 'group' and then finally on to 'other' and assign that number to 'other.' Once you are completed with all three categories of users (User, Group, and Other), you have a three-digit number representing the permissions for all three categories of users.

The command format for the octal method of changing permission is similar to the symbolic method. However, it is not necessary to specify the category of users since the position of each number represents the category. Figure shows the value of each permission separately and the values of all possible sets or combinations of the three permissions. The octal_mode is made up of three numbers, each of which is the sum of the three permissions for one of the user categories (User, Group, and Other). Octal values are combined to identify the octal_mode that is used with the chmod command.

Command Format:
chmod octal_mode filename     OR
chmod –R octal_mode directoryname

Some examples of the combined octal values for all three categories are shown in Figure . The first Octal value defines the user (owner) permissions, the second defines the group, and the last position defines others. Default permissions on files have an octal value of 644, and default permissions on directories have an octal value of 755. Most scripts and executable files have an octal value of 555. 

Note - When using octal mode with the chmod command, you must list all three numbers, one for each category: user, group, and others.

Figure illustrates several examples using the chmod command to change permissions with octal mode. In the first example, the existing Read and Write (4 + 2 + 0 = 6) permissions are replaced by the Read and Execute permission (4 + 0 + 1 = 5). In the second example, the two number 7s represent all permissions for User and Group (4 + 2 + 1) and the number 5 represents Read and Execute for Others (4 + 0 + 1), which remains unchanged. In the last example, the Group permissions of Read, Write and Execute (4 + 2 + 1 = 7) are replaced with Read and Execute (4 + 1 = 5)

The –R option recursively changes permissions on directories and all files. This is a quick way to change the permissions on all files in a directory at once.

There are two other useful commands related to changing permissions: The change ownership command used to change the ownership of a file to a new owner (chown [-R] ) and the change group command use to change group ownership of a file to a new group (chgrp [-R]). See the man pages for usage and examples of these commands.

Figure is a short conversion exercise that will allow you to convert file permissions into octal mode.
Interactive Media Activity (Flash, 95 kB)
  Changing Permissions (Octal)

In this media activity, you are logged in as user2 and your current working directory is /home/usertwo/dir2. Type the commands that would accomplish the following objectives. 
Note: Be sure to press enter after each one. Click on step 1 to begin.

Lab Activity (Adobe Acrobat Reader, 59 kB)
  Changing Permissions from the Command Line

In this lab, you will analyze and change UNIX file system security permissions using command line utilities.