Change the access mode of one or more files. Only the owner of a file or a privileged user may change its mode. Create mode by concatenating the characters from who, opcode, and permission. who is optional (if omitted, default is a); choose only one opcode.
If you enter
-v, --verbose: Verbosely describe ownership changes.
- -c, --changes: Print information about files that are changed.
- --no-preserve-root: Do not treat the root directory, /, specially (the default).
- --preserve-root: Do not operate recursively on /, the root directory.
- --reference=filename: Change the group to that associated with filename. In this case, newgroup is not specified.
By default, the chmod command uses concatenation to assign permission bits to a specific file or folder.
Therefore, chmod defaults to adding new values to any permissions values that might already exist on a file or directory.
Suppose that you have a file named userprogram. It has the following permissions: rw-rw-rw-.
would return the file's permissions to its original state.
You must understand that the + and - arguments add and remove permissions, but any permissions you do not specify will remain in force for this particular file or directory. Unless you explicitly add or subtract permissions from the user, group, and everyone blocks of the file or directory, the permissions will remain unchanged.
The = argument, however, works in exactly the opposite way. It removes all permissions except those you explicitly provide.
For example, suppose that you have a file named passwd. Further, suppose that it has full access permissions noted in each block: rwxrwxrwx.
If you used chmod with the = argument, you could modify the permissions without having to revoke each permission individually.
Therefore, if you typed
the file's permissions would read r-xr-x--x.
If you compare the resulting permissions with those the file originally had, you can see that the use of = removed several permissions automatically because you did not explicitly assign them.
If you use the = argument without any modifiers, you will effectively remove all permissions associated with the group you have identified. For example, if you type
users will not be able to read, write, or execute this file.