🔐 chmod Calculator
Calculate Linux/Unix file permissions. Click permission bits or enter an octal code.
Octal Code
chmod 751 file
Symbolic
rwxr-x--x
owner-group-others
Common Permission Presets
📊 Key Data Points
9 bits
Three groups (owner/group/others) times three flags (read/write/execute) equals 9 permission bits
600 for SSH keys
SSH refuses private keys readable by group/others — 600 is the required maximum
777 is dangerous
World-writable files allow any user to overwrite content — a serious security risk
chmod Calculator — Unix File Permission Calculator -- Complete USA Guide 2026
Unix file permissions are represented as three-digit octal numbers (755, 644, 777) that compress nine binary flags — read/write/execute for owner, group, and others — into compact notation. Getting permissions wrong means either security vulnerabilities (world-writable files) or broken deployments (non-executable scripts).
This calculator converts between octal notation, symbolic notation (rwxr-xr-x), and the chmod command you need. Runs in your browser.
**Long-tail searches answered here:** what does chmod 755 mean in detail, chmod 644 vs 755 difference explained, unix file permission calculator octal to symbolic free.
Pair with Docker Compose Generator for container permission troubleshooting.
🔬 How This Calculator Works
File permissions are a 9-bit field split into three 3-bit groups: owner (user), group, others. Each group encodes read (4), write (2), execute (1) as a sum — so 7 = read+write+execute, 6 = read+write, 5 = read+execute, 4 = read-only.
The calculator displays all three representations simultaneously: octal (755), symbolic (rwxr-xr-x), and the chmod command. Toggle individual bits with checkboxes to see how the octal value changes in real time. Special bits: setuid (4000), setgid (2000), and sticky bit (1000) are also supported.
✅ What You Can Calculate
Octal to symbolic and back
Instantly converts between 755 and rwxr-xr-x representations. No memorizing which number maps to which combination of read/write/execute flags.
Visual bit toggle
Click individual read/write/execute checkboxes for owner/group/others and watch the octal value update in real time.
setuid, setgid, sticky bit
The special permission bits (4755 = setuid, 2755 = setgid, 1755 = sticky) are often misunderstood. This calculator shows them explicitly with explanations.
Ready-to-use chmod command
Outputs the exact chmod NNN filename command to copy and run. No translation step between 755 and what to type in the terminal.
🎯 Real Scenarios & Use Cases
Web server file permissions
Apache and Nginx require specific permissions: 644 for HTML/CSS/JS files, 755 for directories. Verify here before chmod-ing your entire document root.
SSH key permissions
SSH requires private keys to be 600 (owner read-write only) or it refuses to connect with permissions too open. Verify the exact octal here before chmod.
Shell script executability
Your deploy script needs to be executable but not world-writable. 755 gives the owner execute permission and lets everyone read-execute without writing.
Container file permissions
Docker containers often run as non-root users and hit permission denied errors. Calculate the correct permissions here before adding RUN chmod commands to your Dockerfile.
💡 Pro Tips for Accurate Results
644 for files, 755 for directories. This is the standard web server permission pattern. Files need no execute bit. Directories need execute to allow traversal.
Never use 777 in production. World-writable means any user on the system can overwrite your files. Use 644 or 755 instead.
Check effective permissions with ls -la. The octal from this calculator is what you pass to chmod. To verify it applied correctly, run ls -la filename and compare the symbolic notation.
setuid on directories. The setuid bit on directories has no effect on most Linux systems, but setgid on directories makes new files inherit the group owner — useful for shared project directories.
🔗 Use These Together
🏁 Bottom Line
Unix permissions are a fundamental that every developer encounters when deploying code, configuring SSH, or debugging permission denied errors. The octal notation is compact but non-obvious — this calculator makes the bit-to-number mapping concrete and generates the chmod command you need.
For deployment security: verify permissions here, manage containers with Docker Compose Generator, and protect secrets with RSA Key Info.
What do the three groups in Unix permissions mean?
Every file in a Unix system has three sets of permissions: owner (the user who owns the file), group (users belonging to the file's assigned group), and other (everyone else). Each set has three bits: read (r), write (w), and execute (x). The typical pattern rwxr-xr-x means: owner can read, write, and execute; group members can read and execute but not write; all others can read and execute but not write. This is the basis of Unix security — a web server process only accesses files where 'other' or its group has the needed permissions.
What is the difference between chmod 755 and chmod 644?
chmod 755 (rwxr-xr-x) is the standard for directories and executable scripts: the owner has full control, everyone else can read and traverse. chmod 644 (rw-r--r--) is the standard for regular files: the owner can read and write, everyone else can only read. The rule: directories and scripts that need execution use 755; regular files like HTML, CSS, images, and configuration files use 644. A common mistake is setting all files to 777 (rwxrwxrwx — everyone can do everything), which is a security risk on any shared or internet-facing system.
What does the execute bit mean for a directory?
For files, the execute bit means the file can be run as a program. For directories, it means the directory can be entered — you can cd into it and access files inside. This differs from read (r), which lets you list directory contents with ls. A directory with r but not x shows filenames but denies access to the files. A directory with x but not r allows access to specific files (if you know the exact name) but ls shows 'Permission denied'. Most useful directories need both r and x.
What does chmod 4755 (the setuid bit) do?
The setuid bit (4 in the leading digit) causes an executable to run with the permissions of the file owner rather than the user running it. The canonical example: /usr/bin/passwd needs to write to /etc/shadow (owned by root), but runs as the regular user. The setuid bit lets it temporarily run as root for that specific operation. Setuid is security-critical: a vulnerable setuid root binary can be exploited to escalate privileges. In web application development, setuid binaries should be avoided unless absolutely necessary.
How do I fix 'Permission denied' errors in a Linux web server?
Most common causes: (1) The web server process (nginx/apache running as www-data) does not have read permission on the file — check with ls -la and ensure 'other' or the group has at least r. (2) A directory in the path does not have execute permission for the web server user — every directory from / to the file must be traversable. (3) SELinux or AppArmor is blocking access despite correct permissions — check /var/log/audit/audit.log. Quickest diagnostic: sudo -u www-data cat /path/to/file.
What is umask and how does it affect file creation permissions?
umask is subtracted from the maximum permissions when creating new files. Default maximum for files: 666 (rw-rw-rw-). With common umask 022: files are created at 644 (666 minus 022), directories at 755 (777 minus 022). umask 027 creates files at 640 and directories at 750, blocking 'other' from any access. Web applications running as a dedicated user often set umask 027 or 077 to ensure created files are not world-readable by default.
What other infrastructure tools are on this site?
The CIDR Calculator handles IP subnet math — the other common infrastructure task requiring bit-level thinking. The Cron Expression Generator builds scheduled task syntax for server automation. The Bandwidth Calculator estimates network throughput. The HTTP Status Codes reference covers server log error codes. The .htaccess Generator builds Apache redirect and rewrite rules. All are in the Dev Tools section.