Command / Code
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;Description
1. Introduction
The chmod command linux is the fundamental tool for managing file and directory permissions on Unix-like systems. Understanding this essential command is crucial for Linux security, system administration, and proper file access control. Whether you’re securing sensitive data or configuring application permissions, mastering the chmod command linux ensures your system maintains proper access controls while enabling legitimate users to perform their tasks effectively.
2. Chmod Command Linux Fundamentals
File permission management becomes intuitive once you understand the core concepts behind Linux permission systems. The command controls read, write, and execute permissions for file owners, groups, and other users across the entire filesystem.
Why mastering chmod is essential for Linux professionals:
- System security enforcement through proper permission configuration
- Application deployment with correct executable and configuration permissions
- Multi-user environment management for shared server environments
- Web server security for protecting sensitive files and directories
- Backup and restoration maintaining permission integrity during operations
The permission system integrates seamlessly with security practices covered in our Linux Security Guide and complements file management techniques detailed in our System Administration Tutorials.
Related Linux Security Commands:
- Advanced permission management: Linux Commands Reference
- Security troubleshooting: Linux Troubleshooting Guide
External Resources:
- POSIX permissions standard: pubs.opengroup.org/onlinepubs/9699919799 – comprehensive permissions specification
- Linux security best practices: linux-audit.com/linux-file-permissions – security-focused permission guide
3. Essential Chmod Command Examples
# Set standard file permissions using octal notation
chmod 644 document.txt
# Make script executable for owner only
chmod 755 script.sh
# Set directory permissions with full access for owner
chmod 755 /var/www/html
# Remove all permissions for group and others
chmod 600 private_key.pem
# Recursive permission changes for directories
chmod -R 755 /home/user/public_html
# For more chmod examples, visit our [Chmod Command Reference](https://linuxtips.pro/commands/)4. Advanced Chmod Command Linux Techniques
# Professional chmod workflows for system administrators
# 1. Secure web server file permissions
chmod 644 *.html *.css *.js && chmod 755 *.cgi *.sh
# 2. **Chmod command linux** with symbolic notation for precision
chmod u+rwx,g+rx,o-rwx sensitive_script.sh
# 3. Conditional permission setting based on file type
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
# 4. Special permission bits for advanced security (covered in [System Monitoring](https://linuxtips.pro/guides/))
chmod 4755 /usr/bin/sudo # Set SUID bit
# Combine with our [Pro Community](https://linuxtips.pro/pro-community/) scripts for automated permission management5. Detailed Command Explanation
The chmod command linux syntax follows this pattern:
bashchmod [OPTIONS] MODE FILE(S)
Permission Modes:
Octal Notation (Most Common):
- 4 = Read permission (r)
- 2 = Write permission (w)
- 1 = Execute permission (x)
- 0 = No permission (-)
Common Octal Combinations:
- 755 = rwxr-xr-x (Owner: read/write/execute, Group/Others: read/execute)
- 644 = rw-r–r– (Owner: read/write, Group/Others: read only)
- 600 = rw——- (Owner: read/write, Group/Others: no access)
- 777 = rwxrwxrwx (Full permissions for all – avoid for security)
Symbolic Notation:
- u = User (owner), g = Group, o = Others, a = All
- + = Add permission, – = Remove permission, = = Set exact permission
- r = Read, w = Write, x = Execute
Essential Options:
- -R (recursive) – Apply permissions to directories and all contents
- -v (verbose) – Display files as permissions are changed
- -c (changes) – Report only when changes are made
- –reference=FILE – Copy permissions from reference file
Special Permission Bits:
- 4000 (SUID) – Set User ID on execution
- 2000 (SGID) – Set Group ID on execution
- 1000 (Sticky) – Restrict deletion in shared directories
6. Conclusion
Mastering the chmod command linux transforms your ability to secure and manage Linux systems effectively. Proper permission management forms the foundation of Linux security, preventing unauthorized access while ensuring legitimate operations proceed smoothly.
Whether you’re configuring web servers, securing sensitive files, or managing multi-user environments, this essential command provides the granular control needed for professional Linux administration. Understanding both octal and symbolic notation gives you flexibility to handle any permission scenario efficiently.
For advanced security automation and permission auditing, explore our Linux Tips Collection and engage with our Pro Community for expert discussions on permission management strategies.
Advanced Learning Resources:
- Linux Access Control Lists: redhat.com/sysadmin/linux-access-control-lists – extended permission systems
- Security auditing tools: lynis-security.com – comprehensive security assessment including permissions
7. Difficulty Level
βοΈ Beginner to Intermediate
8. Reading Time
4 minutes
9. Rating
9/10
10. Command Category
File Management & Security
11. Prerequisites
Basic Linux command line knowledge, understanding of file ownership concepts and directory structures
12. Related Commands
bashchown - Change file ownership (user and group)
chgrp - Change group ownership only
ls -l - Display detailed file permissions and ownership
umask - Set default permissions for new files
stat - Display detailed file information including permissions
find - Locate files with specific permissions
getfacl - Display Access Control Lists (ACLs)
setfacl - Modify Access Control Lists for extended permissions
sudo - Execute commands with elevated privileges
su - Switch user context for permission testing13. Security Best Practices
Never use 777 permissions except for temporary troubleshooting; always apply principle of least privilege and regularly audit file permissions
14. Common Mistakes
Avoid recursive chmod on system directories and always test permission changes on non-critical files first
15. Support Resources
For permission-related issues, consult our Linux Troubleshooting Guide or contact our support team for expert assistance
Detailed Explanation
π Complete Command Analysis
General Structure:
find [PATH] [CONDITION1] [ACTION1] -o [CONDITION2] [ACTION2]
Detailed Breakdown:
1. find /var/www
Base command for recursive search
/var/www = starting directory (typical location for websites)
Recursively scans all files and directories within
2. -type f
First condition: finds only files (not directories)
f = regular files
Excludes directories, symbolic links, device files, etc.
3. -exec chmod 644 {} \;
First action: executes chmod 644 on each found file
{} = placeholder that gets replaced with the current filename
\; = terminates the exec command (backslash escapes the semicolon)
644 = rw-r–r– (owner: read/write, others: read only)
4. -o
Logical OR operator
Means “OR” – if the first condition isn’t true, try the second
Connects the two conditional operations
5. -type d
Second condition: finds only directories
d = directory
This time searches only for folders, not files
6. -exec chmod 755 {} \;
Second action: executes chmod 755 on each found directory
755 = rwxr-xr-x (owner: full access, others: read/execute)
π Step-by-Step Process
1. find starts from /var/www
2. For each element found:
– IF it’s a file (-type f) β execute chmod 644
– OR (-o)
– IF it’s a directory (-type d) β execute chmod 755
3. Continue recursively for all sub-elements
π‘ Practical Example
Suppose we have this structure:
/var/www/
βββ index.html (file)
βββ style.css (file)
βββ images/ (directory)
β βββ logo.png (file)
β βββ banner.jpg (file)
βββ scripts/ (directory)
β βββ main.js (file)
βββ uploads/ (directory)
βββ document.pdf (file)
Command result:
# Files receive 644 (rw-r–r–)
chmod 644 /var/www/index.html
chmod 644 /var/www/style.css
chmod 644 /var/www/images/logo.png
chmod 644 /var/www/images/banner.jpg
chmod 644 /var/www/scripts/main.js
chmod 644 /var/www/uploads/document.pdf
# Directories receive 755 (rwxr-xr-x)
chmod 755 /var/www/images
chmod 755 /var/www/scripts
chmod 755 /var/www/uploads
π― Why These Permissions?
644 for Files:
Owner: can read and modify
Group/Others: can only read
Safe for web files (HTML, CSS, images)
Not executable for security
755 for Directories:
Owner: complete access (read/write/execute)
Group/Others: can read and enter the directory
Execute permission required to access directories
Standard for public web directories
π§ Variants and Improvements
With exclusions:
find /var/www -name “*.tmp” -prune -o -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
With verification before execution:
find /var/www -type f -exec chmod -c 644 {} \; -o -type d -exec chmod -c 755 {} \;
# -c shows only files where permissions are actually changed
With current permissions backup:
# First save current permissions
find /var/www -printf “%M %p\n” > permissions_backup.txt
# Then apply new permissions
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
Version with xargs (more efficient for many files):
find /var/www -type f -print0 | xargs -0 chmod 644
find /var/www -type d -print0 | xargs -0 chmod 755
β οΈ Security Considerations
β
Advantages:
Standardizes permissions in one go
Safe for web applications
Efficient for large directory structures
Prevents access problems
β οΈ Cautions:
Test first on non-critical directories
Always backup original permissions
Exclude special files (e.g., .htaccess might need 600)
Don’t use on critical system directories
π Alternatives for Specific Cases
For WordPress sites:
# WordPress has specific needs
find /var/www/wordpress -type f -exec chmod 644 {} \;
find /var/www/wordpress -type d -exec chmod 755 {} \;
chmod 600 /var/www/wordpress/wp-config.php # More restrictive config file
For applications with executable scripts:
# First set base permissions
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
# Then make necessary scripts executable
find /var/www -name “*.sh” -exec chmod 755 {} \;
find /var/www -name “*.cgi” -exec chmod 755 {} \;
With ownership control:
# Ensure web server owns the files
chown -R www-data:www-data /var/www
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
π Automated Script
#!/bin/bash
# Script to standardize web permissions
WEB_DIR=”/var/www”
BACKUP_FILE=”permissions_$(date +%Y%m%d_%H%M%S).txt”
echo “Backing up current permissions…”
find “$WEB_DIR” -printf “%M %p\n” > “$BACKUP_FILE”
echo “Applying new permissions…”
find “$WEB_DIR” -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
echo “Setting special permissions for config files…”
find “$WEB_DIR” -name “wp-config.php” -exec chmod 600 {} \;
find “$WEB_DIR” -name “.htaccess” -exec chmod 644 {} \;
echo “Complete! Backup saved as: $BACKUP_FILE”
π Real-World Use Cases
Web Server Deployment:
# Standard web deployment permissions
find /var/www/html -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
After File Upload/Transfer:
# Fix permissions after uploading via FTP
find /var/www/uploads -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
Security Hardening:
# Secure web application
find /var/www -type f -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
find /var/www -name “*.conf” -exec chmod 600 {} \;
find /var/www -name “*.ini” -exec chmod 600 {} \;
π― Performance Considerations
For Large Directory Structures:
# More efficient for thousands of files
find /var/www -type f -print0 | xargs -0 -P 4 chmod 644
find /var/www -type d -print0 | xargs -0 -P 4 chmod 755
# -P 4 runs up to 4 processes in parallel
With Progress Monitoring:
# Show progress for large operations
find /var/www -type f -exec chmod 644 {} \; -print | wc -l
π Security Best Practices
Before Running:
Backup permissions: getfacl -R /var/www > permissions.acl
Test on copy: Copy directory structure to test first
Check special files: Identify files that need different permissions
Verify ownership: Ensure correct user/group ownership
After Running:
Test application: Verify website/application works correctly
Check logs: Monitor for permission-related errors
Audit results: Use ls -la to verify permission changes
Document changes: Record what was modified for future reference
This command is a perfect example of how to combine the power of find with permission management for efficient batch operations! π―
π Advanced Techniques
Conditional Permission Setting:
# Different permissions based on file extension
find /var/www \( -name “*.php” -exec chmod 644 {} \; \) -o \( -name “*.sh” -exec chmod 755 {} \; \)
Time-Based Permission Changes:
# Only change files modified in last 7 days
find /var/www -type f -mtime -7 -exec chmod 644 {} \; -o -type d -mtime -7 -exec chmod 755 {} \;
Size-Based Filtering:
# Skip large files (maybe log files that shouldn’t be web accessible)
find /var/www -type f -size -100M -exec chmod 644 {} \; -o -type d -exec chmod 755 {} \;
This demonstrates the flexibility and power of combining Unix tools for system administration tasks! πͺ