Setting File Permissions for Shell Scripts

A shell script is a plain text file containing valid commands. To run it as a program (for example, ./welcome), the file must be marked executable.

Unix permissions are grouped into three sets:

• User (u) — the file owner
• Group (g) — users in the owner’s group
• Other (o) — everyone else

Each set can allow read (r), write (w), and execute (x).

To execute your script directly, you must enable execute permission (usually for the owner at minimum).

A script commonly begins with a shebang line that selects the interpreter:

#!/bin/sh

If the shebang is missing, you can still run the script by calling the interpreter explicitly (for example sh welcome), but direct execution (./welcome) is the typical workflow you are learning in this module.

Use ls -l to view permissions. The first 10 characters show type and permissions:

• Position 1: file type (- file, d directory)
• Positions 2–4: user permissions
• Positions 5–7: group permissions
• Positions 8–10: other permissions

Example (not executable yet):

$ ls -l welcome
-rw-r--r-- 1 student students  13 Feb  3 16:39 welcome

The x is missing, so ./welcome will fail with a “Permission denied” error.

Use chmod to change permissions. The safest default is to add execute permission for the file owner only:

$ chmod u+x welcome

Re-check the permissions:

$ ls -l welcome
-rwxr--r-- 1 student students  13 Feb  3 16:39 welcome

Now the file is executable by the owner.

If the script must be runnable by group members, add group execute:

$ chmod g+x welcome

If it must be runnable by everyone (less common; use intentionally):

$ chmod a+x welcome

Best practice: Use the least privilege needed. Most personal scripts should start with chmod u+x.

If the script is in your current directory, run it with a relative path:

$ ./welcome

If you try:

$ welcome

the shell may respond with “command not found” because the current directory is usually not in your PATH.

You can also run a script without execute permission by invoking the interpreter directly:

$ sh welcome

This is useful for testing, but the goal of this lesson is to prepare the file for direct execution.

• Windows line endings (CRLF): If you edited the script on Windows, you may see errors like “bad interpreter.” Convert the file to Unix line endings (LF) using tools like dos2unix or by configuring your editor.
• Interpreter path: Confirm the interpreter exists: ls -l /bin/sh. For bash scripts, #!/usr/bin/env bash is sometimes used for portability.
• Syntax check: Test without running: sh -n welcome or bash -n script.sh.
• Linting: ShellCheck can catch quoting and test-expression mistakes before they become runtime bugs.

Click on the Exercise link below to practice setting correct file permissions in your UNIX Labs account.
Setting File Permissions - Exercise
With the file permissions set, you are ready to run your script in the next lesson.

Execute permission: A Unix file permission that allows a file to be run as a program (for example, ./script).

Root user: The administrative account on Unix systems. Root can still invoke an interpreter directly (for example, sh script.sh), but direct execution (./script.sh) requires the execute bit.

[1]Execute permission: A file permission within UNIX file systems that allows a program to be launched or executed.

[2]UNIX root user: The administrative account on a UNIX system; the superuser who has all access to the system.