ChmodHero - Interactive Tutorial

1

Welcome to Chmod Mastery! 🎯

Let's start with the basics. File permissions control who can do what with files on your system.

The Permission Trinity:

Read (r) - View file contents
Write (w) - Modify file contents
Execute (x) - Run the file

The User Trio:

Owner (u) - File creator
Group (g) - Shared access
Others (o) - Everyone else

Example file listing:
-rw-r--r-- 1 user group 1234 myfile.txt
↑ Owner: rw- (read+write) | Group: r-- (read) | Others: r-- (read)

Ready to learn? Click "Next Step" to continue!

2

Understanding Octal Numbers 🔢

Octal notation is the most common way to set permissions. Each digit represents one user type.

4

Read permission

2

Write permission

1

Execute permission

Example: 755 = 7 (owner) + 5 (group) + 5 (others)
7 = 4+2+1 = rwx (read+write+execute)
5 = 4+0+1 = r-x (read+execute only)

Quick Quiz! 🧠

What does the octal number 644 mean?

3

Your First chmod Command! 🚀

Let's practice with a real scenario. You have a script that needs to be executable.

Current situation:
$ ls -l script.sh
-rw-r--r-- 1 user group 156 script.sh

$ ./script.sh
bash: ./script.sh: Permission denied

Fix it! Make the script executable:

Type a chmod command to make script.sh executable for everyone:

$

Hint: To make a file executable for everyone, you can use either: chmod +x filename or chmod 755 filename

Perfect! The script is now executable. You can run it with ./script.sh

4

Security First! 🔐

Now let's handle a security scenario. SSH private keys must have restricted permissions.

Security issue:
$ ls -l ~/.ssh/id_rsa
-rw-r--r-- 1 user group 1675 /home/user/.ssh/id_rsa

$ ssh server
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0644 for '/home/user/.ssh/id_rsa' are too open.

Secure the SSH key! 🔑

Make the private key readable and writable by owner only:

$

Hint: Private keys should only be accessible by the owner. Use chmod 600 filename (6 = 4+2 = read+write for owner, 0 = no permissions for group and others)

Excellent! Your SSH key is now secure. Only you can read or modify it.

5

Configuration Files 📄

Web servers and applications need to read config files, but they shouldn't be executable.

Current situation:
$ ls -l nginx.conf
-rwxrwxrwx 1 user group 2048 nginx.conf

Security audit: Config file has unnecessary execute permissions!

Fix the config file permissions! ⚙️

Make nginx.conf readable by all, writable by owner only, and NOT executable:

$

Hint: Config files typically use chmod 644 - owner can read/write (6 = 4+2), group and others can read only (4).

Perfect! The config file now has proper permissions. Services can read it, but it's not executable.

✓

Congratulations! 🎉

You've mastered the fundamentals of chmod! You now understand:

✅ What You've Learned:

How file permissions work
Octal notation (644, 755, 600)
Security best practices
Common DevOps scenarios
When to use different permissions

🎯 Key Permission Patterns:

755 - Scripts and executables
644 - Config and text files
600 - Private keys and secrets
750 - Group-accessible scripts
700 - Private directories

Ready for the Real Challenge? 🚀

Time to test your skills with real DevOps scenarios!

Play ChmodHero Reference Guide

Interactive Tutorial