Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
chmod(2)		      System Calls Manual		      chmod(2)

       chmod(),	fchmod() - change file mode access permissions

       The  and	 system	 calls set the access permission portion of the	file's
       mode according to the bit pattern contained in mode.  path points to  a
       path name naming	a file.	 fildes	is a file descriptor.

       The  following  symbolic	 constants  representing the access permission
       bits are	defined	with the indicated values in and are used to construct
       the  mode  argument.  The value of mode is the bit-wise inclusive OR of
       the values for the desired permissions.

       To change the mode of a file, the effective user	ID of the process must
       match  that  of the owner of the	file or	a user with appropriate	privi-

       If the effective	user ID	of the process is not that of a	user with  ap-
       propriate privileges, mode bit is cleared.

       If  the effective user ID of the	process	is not that of a user with ap-
       propriate privileges, and the effective group ID	of  the	 process  does
       not  match  the	group  ID of the file and none of the group IDs	in the
       supplementary groups list match the group ID of the file, mode  bit  is

       The  mode  bit  (same  as  is  used  to	enforce	file-locking mode (see
       lockf(2)	and fcntl(2)) on files that are	not  group  executable.	  This
       might  affect future calls to and on such files (see open(2), creat(2),
       read(2),	and write(2)).

       If an executable	file is	prepared for sharing, mode  bit	 prevents  the
       system from abandoning the swap-space image of the program-text portion
       of the file when	its last user terminates.  Then, when the next user of
       the  file  executes  it,	the text need not be read from the file	system
       but can simply be swapped in, thus saving time.

       If the mode bit (sticky bit) is set on a	directory,  files  inside  the
       directory  may be renamed or removed only by the	owner of the file, the
       owner of	the directory, or the superuser	(even if the modes of the  di-
       rectory would otherwise allow such an operation).

       If the path given to contains a symbolic	link as	the last element, this
       link is traversed and path name resolution continues.  changes the  ac-
       cess mode of the	symbolic link's	target,	rather than the	access mode of
       the link.

   Access Control Lists	- HFS File Systems Only
       All optional entries in a file's	access control list are	 deleted  when
       is  executed.   (This  behavior	conforms  to  the  IEEE	Standard POSIX
       1003.1-1988.)  To preserve optional entries in a	file's access  control
       list, it	is necessary to	save and restore them using and	(see getacl(2)
       and setacl(2)).

       To set the permission bits of access control list entries, use  instead

   Access Control Lists	- JFS File Systems Only
       The  effective  permissions granted by optional entries in a file's ac-
       cess control list may be	changed	when is	executed.  In particular,  us-
       ing  to remove read, write and execute permissions from a file's	owner,
       owning group, and all others works as expected, because affects the en-
       try  in	the ACL, limiting any access that can be granted to additional
       users or	groups via optional ACL	entries.  The effect can  be  verified
       by doing	a getacl(1) on the file	after the and noting that all optional
       (non-default) ACL entries with nonzero permissions also have  the  com-

       To  set the permission bits of access control list entries, use instead

       For more	information on access control list  entries,  see  acl(5)  and

       returns the following values:

	      Successful completion.
		     is	set to indicate	the error.

       If  or fails, the file mode is unchanged.  is set to one	of the follow-
       ing values.

	      [EACCES]		  Search permission is denied on  a  component
				  of the path prefix.

	      [EBADF]		  fildes is not	a valid	file descriptor.

	      [EFAULT]		  path	points	outside	 the allocated address
				  space	of the process.	 The  reliable	detec-
				  tion	of this	error is implementation	depen-

	      [EINVAL]		  path or fildes descriptor does not refer  to
				  an appropriate file.

	      [ELOOP]		  Too  many symbolic links were	encountered in

	      [ENAMETOOLONG]	  A component of path exceeds bytes  while  is
				  in effect or path exceeds bytes.

	      [ENOENT]		  A  component	of  path  or the file named by
				  path does not	exist.

	      [ENOTDIR]		  A component of the path prefix is not	a  di-

	      [EPERM]		  The effective	user ID	does not match that of
				  the owner of the  file,  and	the  effective
				  user ID is not that of a user	with appropri-
				  ate privileges.

	      [EROFS]		  The named file resides on a  read-only  file

       was developed by	AT&T, the University of	California, Berkeley, and HP.

       was developed by	the University of California, Berkeley.

       chmod(1),  getacl(1), chown(2), creat(2), fcntl(2), getacl(2), read(2),
       lockf(2), mknod(2), open(2), setacl(2), write(2), acl(5), aclv(5).



Want to link to this manual page? Use this URL:

home | help