Docs / Troubleshooting / How to Fix Permission Denied Errors on Linux

How to Fix Permission Denied Errors on Linux

By Admin · Mar 2, 2026 · Updated Apr 23, 2026 · 30 views · 3 min read

Understanding Permission Denied

"Permission denied" is one of the most common errors on Linux. It occurs when a user or process attempts to access a file, directory, or resource without the required permissions. On your Breeze, understanding how to diagnose and fix these errors is a fundamental skill.

Quick Diagnosis

# Check the permissions and ownership of the file
ls -la /path/to/file

# Check your current user and groups
whoami
id
groups

The output of ls -la shows: permissions, owner, and group. For example:

-rw-r----- 1 root www-data 4096 Mar 01 12:00 config.php
# Owner: root (rw-), Group: www-data (r--), Others: (---)

Common Causes and Fixes

1. Wrong File Ownership

# Web files should typically be owned by the web server user
sudo chown -R www-data:www-data /var/www/html

# Fix a single file
sudo chown www-data:www-data /var/www/html/config.php

2. Incorrect File Permissions

# Standard web permissions
sudo find /var/www -type d -exec chmod 755 {} \;
sudo find /var/www -type f -exec chmod 644 {} \;

# Scripts that need to be executable
chmod +x /usr/local/bin/myscript.sh

# Sensitive config files (owner read/write only)
chmod 600 /etc/myapp/secrets.conf

3. Missing Execute Permission on Directories

Directories require the execute (x) permission to be traversed. Without it, you cannot cd into or list the directory even if you can read it:

# Fix: add execute for all
chmod +x /path/to/directory

# Fix entire path (every parent needs +x)
chmod +x /var
chmod +x /var/www
chmod +x /var/www/html

4. SELinux or AppArmor Blocking

# Check if SELinux is enforcing
getenforce

# View recent SELinux denials
sudo ausearch -m avc -ts recent

# Temporarily set SELinux to permissive for testing
sudo setenforce 0

# Fix SELinux context
sudo restorecon -Rv /var/www/html

# Check AppArmor status
sudo aa-status

# View AppArmor denials
sudo dmesg | grep "apparmor.*DENIED"

5. SSH Key Permission Errors

# SSH is very strict about permissions
chmod 700 ~/.ssh
chmod 600 ~/.ssh/id_ed25519
chmod 600 ~/.ssh/authorized_keys
chmod 644 ~/.ssh/id_ed25519.pub
chmod 644 ~/.ssh/config

# The home directory must not be writable by others
chmod 755 ~

6. Script or Binary Not Executable

# Make a script executable
chmod +x script.sh

# Or run it through the interpreter
bash script.sh
python3 script.py

Advanced Troubleshooting

# Use namei to check permissions along a path
namei -l /var/www/html/app/config.php

# Check ACLs (Access Control Lists)
getfacl /var/www/html

# Check if filesystem is mounted read-only
mount | grep "on /var "

# Check for immutable flag
lsattr /path/to/file
# Remove immutable flag if set
sudo chattr -i /path/to/file

Prevention Tips

  • Use groups to manage access instead of changing ownership frequently
  • Set the SGID bit on shared directories so new files inherit the correct group
  • Document expected permissions in your deployment scripts
  • Avoid chmod 777 — it is a security risk and almost never the right solution

Was this article helpful?

Related Articles