UseToolSuite UseToolSuite

Chmod Calculator

Calculate Linux/Unix file permissions visually. Convert between octal (755) and symbolic (rwxr-xr-x) notation instantly with an interactive checkbox interface — free online tool for DevOps and sysadmins.

Last updated

Chmod Calculator is a free, browser-based tool from UseToolSuite's Generator Tools collection. All processing happens locally on your device — your data is never uploaded to any server. Use the tool below, then scroll down for detailed documentation, frequently asked questions, and related resources.

Advertisement
rwxr-xr-x
Presets:
Role Read (r)Write (w)Execute (x) Value
Owner 0
Group 0
Others 0

Special Permissions

chmod Command
chmod 755 filename
ls -la Output
-rwxr-xr-x

What is Chmod Calculator?

Chmod Calculator is a free visual tool for calculating Linux and Unix file permissions. It converts between octal notation (like 755) and symbolic notation (like rwxr-xr-x) instantly, with an interactive checkbox grid that makes it easy to understand exactly what each permission bit does. Whether you're configuring a web server, setting up SSH keys, or deploying scripts, this tool eliminates the guesswork from file permission management. It also supports special permission bits: setuid, setgid, and sticky bit.

When to use it?

Use the Chmod Calculator whenever you need to set or verify file permissions on Linux/Unix systems. It's especially useful when configuring web server document roots (directories need 755, files need 644), securing SSH keys (must be 600), setting up deployment scripts (need execute permission), or debugging "Permission denied" errors. The visual checkbox interface is faster and less error-prone than memorizing octal values.

Common use cases

DevOps engineers use this tool to configure permissions for CI/CD deployment scripts, Docker volumes, and Kubernetes mounted configs. System administrators use it to audit file permissions across server directories, set up shared directories with appropriate group permissions, and configure the sticky bit on /tmp-style directories. Web developers use it to troubleshoot Apache/Nginx 403 Forbidden errors caused by incorrect directory permissions.

Reading permissions as octal

Unix permissions break into three groups — owner, group, others — each with three bits: read (4), write (2), execute (1). Add the bits per group and you get one octal digit:

OctalBitsSymbolicMeans
74+2+1rwxread, write, execute
64+2rw-read, write
54+1r-xread, execute
44r—read only

So 755 = owner rwx, group r-x, others r-x. This calculator converts between the octal form and the symbolic rwxr-xr-x form interactively, with checkboxes for each bit.

The common values worth memorizing

ModeUse
644Regular files (owner edits, others read)
755Directories and executables/scripts
600Private files — SSH keys, secrets
700Private directories (~/.ssh)

600 and 700 matter for security: SSH refuses to use a private key that’s readable by other users, so chmod 600 ~/.ssh/id_ed25519 is a required step, not optional.

Special bits

A fourth leading octal digit sets special permissions: setuid (4) runs an executable as its owner, setgid (2) runs as the group owner (or makes new files in a directory inherit the group), and the sticky bit (1) restricts deletion in a shared directory to each file’s owner — which is why /tmp is 1777. So chmod 1755 is 755 plus the sticky bit.

When the mode looks right but access is denied

If permissions seem correct but access still fails, look beyond the mode: extended ACLs (getfacl) or SELinux contexts (ls -Z) can override standard permissions, and on a mounted FAT/NTFS filesystem chmod may have no effect at all. The namei -l /path/to/file command shows the permissions of every directory along the path, which usually reveals the missing traverse bit. This tool calculates Unix/POSIX permissions; Windows uses a different ACL-based system entirely.

How helpful was this tool?

Click to rate

Advertisement

Key Concepts

Essential terms and definitions related to Chmod Calculator.

File Permission (Unix)

A set of rules controlling who can read, write, or execute a file on Unix/Linux systems. Permissions are assigned to three classes: Owner (the file creator), Group (users sharing a group), and Others (everyone else). Each class has three permission bits: read (r/4), write (w/2), and execute (x/1). Permissions are displayed as a 9-character string (rwxr-xr-x) or a 3-digit octal number (755).

Octal Notation

A base-8 number system used to represent Unix file permissions. Each octal digit (0-7) encodes three permission bits: read (4) + write (2) + execute (1). Three digits represent owner, group, and others respectively. For example, 755 means owner=7 (rwx), group=5 (r-x), others=5 (r-x). An optional fourth leading digit encodes special permissions: setuid (4), setgid (2), sticky bit (1).

Symbolic Notation

A human-readable format for Unix file permissions using the letters r (read), w (write), x (execute), and - (no permission). The 9-character string is read in groups of three: owner, group, others. For example, rwxr-xr-- means the owner can read/write/execute, the group can read/execute, and others can only read. Special permissions are shown as s (setuid/setgid) or t (sticky bit) in place of x.

Sticky Bit

A special permission bit (octal 1) that, when set on a directory, restricts file deletion to the file owner, directory owner, or root — even if other users have write permission on the directory. The most common example is /tmp, which uses permissions 1777: everyone can create files, but only each file's owner can delete it. Displayed as t (or T if execute is not set) in the others' execute position: drwxrwxrwt.

Frequently Asked Questions

What does chmod 755 mean?

chmod 755 sets the following permissions: Owner can read, write, and execute (7 = rwx); Group can read and execute (5 = r-x); Others can read and execute (5 = r-x). This is the standard permission for executable scripts and public directories on web servers. The owner has full control, while everyone else can read and execute but not modify.

What is the difference between octal and symbolic chmod notation?

Octal notation uses three digits (e.g., 755) where each digit represents the sum of permission values: read=4, write=2, execute=1. Symbolic notation uses letters (e.g., rwxr-xr-x) where r=read, w=write, x=execute, and - means no permission. Both represent the same permissions — octal is faster to type, symbolic is easier to read. This tool converts between them instantly.

What are the most common chmod values?

644 (rw-r--r--) is standard for files: owner can read/write, everyone else read-only. 755 (rwxr-xr-x) is standard for directories and scripts: owner has full access, others can read/execute. 600 (rw-------) is for private files like SSH keys: only owner can read/write. 777 (rwxrwxrwx) gives everyone full access and should be avoided for security reasons.

What is the special permission bit (setuid, setgid, sticky)?

Special permissions are represented by a fourth octal digit prepended to the standard three: setuid (4) runs executables as the file owner, setgid (2) runs them as the group owner or inherits group on directories, and sticky bit (1) prevents deletion by non-owners in shared directories like /tmp. For example, chmod 1755 adds the sticky bit to standard 755 permissions.

Does this tool work for Windows file permissions?

No. This tool calculates Unix/Linux file permissions (POSIX). Windows uses a different permission system based on Access Control Lists (ACLs) with user/group SIDs. If you are on Windows using WSL (Windows Subsystem for Linux), chmod commands work within the WSL filesystem.

Why doesn't chmod 777 fix my 'permission denied' — and why is it dangerous?

777 makes a file readable, writable, AND executable by everyone, which is both a security hole and often not the actual problem. The danger: world-writable files let ANY user or process on the system modify them — for a web server's files, that's a direct path to compromise (an attacker who gets any foothold can overwrite your code). The reason it frequently doesn't fix the error is that 'permission denied' is usually about OWNERSHIP or a DIRECTORY along the path, not the file's mode — if the web server runs as www-data but the file is owned by you with no group access, or if a parent directory lacks the execute (traverse) bit, 777 on the file alone won't help. The correct fix is almost always proper ownership (chown) plus sane modes: 644 for files, 755 for directories — never reach for 777 as a debugging shortcut.

What does the execute bit do on a directory versus a file?

It means completely different things. On a FILE, the execute bit (x) makes it runnable as a program or script. On a DIRECTORY, x is the 'traverse' or 'enter' permission — it controls whether you can cd INTO the directory and access files inside it by name. This is the source of countless bugs: a directory with read (r) but no execute (x) lets you LIST the filenames but not actually open any of them; a directory with execute but no read lets you access a file IF you know its exact name but not list the contents. That's why directories normally need 755 (rwxr-xr-x) — everyone needs the x bit to traverse into them — while files only need 644 (rw-r--r--). Removing x from a directory in a path is a classic cause of mysterious 'permission denied' on files that look perfectly readable.

Troubleshooting & Technical Tips

Common errors developers encounter and how to resolve them.

chmod: Operation not permitted — Cannot change permissions

This error occurs when you are not the file owner and not root. Solutions: (1) Use sudo: sudo chmod 755 file.sh. (2) Check ownership with ls -la and change it with sudo chown youruser:yourgroup file. (3) On some filesystems (FAT32, NTFS mounted in Linux), chmod has no effect because the filesystem does not support Unix permissions. Use mount options like fmask and dmask instead.

Permission denied despite correct chmod — SELinux or ACL override

If standard permissions look correct but access is still denied, check for extended ACLs (getfacl file) and SELinux context (ls -Z file). SELinux enforces mandatory access control that overrides standard Unix permissions. Use sestatus to check if SELinux is enforcing, and restorecon to fix contexts. ACLs set with setfacl can also override standard permissions — remove them with setfacl -b file.

SSH key rejected: Permissions 0644 are too open

SSH requires private keys to have restrictive permissions. If you see "WARNING: UNPROTECTED PRIVATE KEY FILE", set the correct permissions: chmod 600 ~/.ssh/id_rsa (private key, owner read/write only), chmod 644 ~/.ssh/id_rsa.pub (public key), chmod 700 ~/.ssh/ (directory). SSH refuses to use keys that are readable by other users as a security measure.

Web server 403 Forbidden — Incorrect directory or file permissions

Web servers (Apache, Nginx) need specific permissions to serve files. Directories need execute permission (typically 755) for the server to traverse them. Files need read permission (typically 644). The web server process user (www-data, nginx, or apache) must have read access. Check with: namei -l /var/www/html/index.html to see permissions for every directory in the path.

Related Guides

In-depth articles covering the concepts behind Chmod Calculator.

Advertisement

Related Tools