Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
chmod(2)							      chmod(2)

NAME
       chmod, fchmod - change access permission	mode of	file

SYNOPSIS
       #include	<sys/types.h>
       #include	<sys/stat.h>

       int chmod(const char *path, mode_t mode);

       int fchmod(int fildes, mode_t mode);

       The chmod() and fchmod()	functions set the access permission portion of
       the mode	of the file whose name is given	by path	or referenced  by  the
       open  file  descriptor fildes to	the bit	pattern	contained in mode. Ac-
       cess permission bits are	interpreted as follows:

       S_ISUID	    04000     Set user ID on execution.
       S_ISGID	    020#0     Set group	ID on execution	if #  is  7,
			      5,   3,	or   1.	  Enable   mandatory
			      file/record locking if # is 6,  4,  2,
			      or 0.
       S_ISVTX	    01000     Sticky bit.
       S_IRWXU	    00700     Read, write, execute by owner.
       S_IRUSR	    00400     Read by owner.
       S_IWUSR	    00200     Write by owner.
       S_IXUSR	    00100     Execute  (search	if  a  directory) by
			      owner.
       S_IRWXG	    00070     Read, write, execute by group.
       S_IRGRP	    00040     Read by group.
       S_IWGRP	    00020     Write by group.
       S_IXGRP	    00010     Execute by group.
       S_IRWXO	    00007     Read, write, execute (search) by	oth-
			      ers.
       S_IROTH	    00004     Read by others.
       S_IWOTH	    00002     Write by others.
       S_IXOTH	    00001     Execute by others.

       Modes are constructed by	the bitwise OR operation of the	access permis-
       sion bits.

       The effective user ID of	the process must match the owner of  the  file
       or  the	process	must have the appropriate privilege to change the mode
       of a file.

       If the process is not a privileged process and the file is not a	direc-
       tory, mode bit 01000 (save text image on	execution) is cleared.

       If  neither  the	process	is privileged nor the file's group is a	member
       of the process's	 supplementary group list, and the effective group  ID
       of  the process does not	match the group	ID of the file,	mode bit 02000
       (set group ID on	execution) is cleared.

       If a directory is writable and has S_ISVTX (the sticky bit) set,	 files
       within  that directory can be removed or	renamed	only if	one or more of
       the following is	true (see unlink(2) and	rename(2)):

	 o  the	user owns the file

	 o
	    the	user owns the directory

	 o  the	file is	writable by the	user

	 o  the	user is	a privileged user

       If a regular file is not	executable and has S_ISVTX set,	 the  file  is
       assumed	to  be a swap file. In this case, the system's page cache will
       not be used to hold the file's data. If the S_ISVTX bit is set  on  any
       other file, the results are unspecified.

       If  a  directory	 has  the  set	group ID bit set, a given file created
       within that directory will have	the same group ID  as  the  directory.
       Otherwise,  the newly created file's group ID will be set to the	effec-
       tive group ID of	the creating process.

       If the mode bit 02000 (set group	ID on execution) is set	and  the  mode
       bit   00010  (execute  or  search  by  group)  is  not  set,  mandatory
       file/record locking will	exist on a regular  file,  possibly  affecting
       future calls to open(2),	creat(2), read(2), and write(2)	on this	file.

       If  fildes references a shared memory object, fchmod() need only	affect
       the S_IRUSR, S_IRGRP,  S_IROTH,	S_IWUSR,  S_IWGRP,  S_IWOTH,  S_IXUSR,
       S_IXGRP,	and S_IXOTH file permission bits.

       If  fildes  refers to a socket, fchmod()	does not fail but no action is
       taken.

       If fildes refers	to a STREAM that is attached to	an object in the  file
       system  name  space with	fattach(3C), the fchmod() call performs	no ac-
       tion and	returns	successfully.

       Upon successful completion, chmod() and fchmod()	mark  for  update  the
       st_ctime	field of the file.

       Upon  successful	 completion, 0 is returned. Otherwise, -1 is returned,
       the file	mode is	unchanged, and errno is	set to indicate	the error.

       The chmod() and fchmod()	functions will fail if:

       EIO	       An I/O error occurred while reading from	or writing  to
		       the file	system.

       EPERM	       The  effective  user ID does not	match the owner	of the
		       file and	the process does not have  appropriate	privi-
		       lege.

		       The  {PRIV_FILE_OWNER}  privilege overrides constraints
		       on ownership when changing permissions on a file.

		       The {PRIV_FILE_SETID} privilege	overrides  constraints
		       on  ownership  when adding the setuid or	setgid bits to
		       an executable file or a directory.  When	adding the se-
		       tuid  bit  to  a	 root owned executable,	additional re-
		       strictions apply. See privileges(5).

       The chmod() function will fail if:

       EACCES	       Search permission is denied on a	component of the  path
		       prefix  of  path. The privilege {FILE_DAC_SEARCH} over-
		       rides file permissions restrictions in that case.

       EFAULT	       The path	argument points	to an illegal address.

       ELOOP	       A loop exists in	symbolic links encountered during  the
		       resolution of the path argument.

       ENAMETOOLONG    The  length  of	the path argument exceeds PATH_MAX, or
		       the length of a path component exceeds  NAME_MAX	 while
		       _POSIX_NO_TRUNC is in effect.

       ENOENT	       Either  a  component of the path	prefix or the file re-
		       ferred to by path does not exist	or is a	null pathname.

       ENOLINK	       The fildes argument points to a remote machine and  the
		       link to that machine is no longer active.

       ENOTDIR	       A component of the prefix of path is not	a directory.

       EROFS	       The  file  referred  to	by path	resides	on a read-only
		       file system.

       The fchmod() function will fail if:

       EBADF	       The fildes argument is not an open file descriptor

       ENOLINK	       The path	argument points	to a remote  machine  and  the
		       link to that machine is no longer active.

       EROFS	       The  file  referred to by fildes	resides	on a read-only
		       file system.

       The chmod() and fchmod()	functions may fail if:

       EINTR	       A signal	was caught during execution of the function.

       EINVAL	       The value of the	mode argument is invalid.

       The chmod() function may	fail if:

       ELOOP	       More than {SYMLOOP_MAX} symbolic	links were encountered
		       during the resolution of	the path argument.

       ENAMETOOLONG    As  a result of encountering a symbolic link in resolu-
		       tion of thepath argument, the length of the substituted
		       pathname	strings	exceeds	{PATH_MAX}.

       The fchmod() function may fail if:

       EINVAL	       The  fildes  argument  refers  to a pipe	and the	system
		       disallows execution of this function on a pipe.

       Example 1: Set Read Permissions for User, Group,	and Others

       The following example sets read permissions for the owner,  group,  and
       others.

       #include	<sys/stat.h>
       const char *path;
       ...
       chmod(path, S_IRUSR|S_IRGRP|S_IROTH);

       Example 2: Set Read, Write, and Execute Permissions for the Owner Only

       The following example sets read,	write, and execute permissions for the
       owner, and no permissions for group and others.

       #include	<sys/stat.h>
       const char *path;
       ...
       chmod(path, S_IRWXU);

       Example 3: Set Different	Permissions for	Owner, Group, and Other

       The following example sets owner	permissions for	 CHANGEFILE  to	 read,
       write,  and  execute,  group permissions	to read	and execute, and other
       permissions to read.

       #include	<sys/stat.h>
       #define CHANGEFILE "/etc/myfile"
       ...
       chmod(CHANGEFILE, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH);

       Example 4: Set and Checking File	Permissions

       The following example sets the file permission bits for	a  file	 named
       /home/cnd/mod1,	then  calls the	stat(2)	function to verify the permis-
       sions.

       #include	<sys/types.h>
       #include	<sys/stat.h>
       int status;
       struct stat buffer
       ...
       chmod("home/cnd/mod1", S_IRWXU|S_IRWXG|S_IROTH|S_IWOTH);
       status =	stat("home/cnd/mod1", &buffer;);

       If chmod() or fchmod() is used to change	the file group	owner  permis-
       sions  on a file	with non-trivial ACL entries, only the ACL mask	is set
       to the new permissions and the  group  owner  permission	 bits  in  the
       file's  mode  field (defined in mknod(2)) are unchanged.	 A non-trivial
       ACL entry is one	whose meaning cannot be	represented in the file's mode
       field  alone.  The new ACL mask permissions  might change the effective
       permissions for additional users	and groups that	have  ACL  entries  on
       the file.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE	TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Standard			   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Async-Signal-Safe		   |
       +-----------------------------+-----------------------------+

       chmod(1), chown(2), creat(2), fcntl(2), mknod(2), open(2), read(2), re-
       name(2),	stat(2), write(2), fattach(3C),	mkfifo(3C), stat.h(3HEAD), at-
       tributes(5), privileges(5), standards(5)

				  12 Sep 2005			      chmod(2)

NAME | SYNOPSIS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=chmod&sektion=2&manpath=SunOS+5.10>

home | help