*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> chmod (1)              



NAME    [Toc]    [Back]

       chmod - Changes permission codes

SYNOPSIS    [Toc]    [Back]

   Absolute Mode
       chmod [-fR] absolute_mode file...

   Symbolic Mode    [Toc]    [Back]
       chmod [-fR] [who] +permission ... file...

       chmod [-fR] [who] -permission ... file...

       chmod [-fR] [who] = [permission]... file...

       The  chmod  command  modifies the read, write, and execute
       permissions of specified files and the search  permissions
       of specified directories.

STANDARDS    [Toc]    [Back]

       Interfaces  documented  on  this reference page conform to
       industry standards as follows:

       chmod:  XCU5.0

       Refer to the standards(5) reference page for more information
 about industry standards and associated tags.

OPTIONS    [Toc]    [Back]

       [Tru64  UNIX]  Does  not report an error if chmod fails to
       change the mode on a file.  Causes  chmod  to  recursively
       descend its directory arguments, setting the mode for each
       file as described in the sections Symbolic Mode and  Absolute
  Mode.   When  symbolic  links are encountered, their
       mode is not changed and they are not traversed.

OPERANDS    [Toc]    [Back]

       Pathname of the file that is to have the  permission  bits
       modified.  Octal permission_code for setting the file permissions.
  This code is formed as described under Absolute
       Mode  in  the DESCRIPTION section.  Specifies whether permissions
 are being defined for a user, group, or all  others.
   This operand is more fully described under Symbolic
       Mode in the DESCRIPTION Section.  Specifies the  operation
       to  be  performed  on the permissions being defined.  This
       operand is more fully described under Symbolic Mode in the
       DESCRIPTION  Section.   Specifies  the  permissions  being
       defined.  This operand is more fully described under  Symbolic
 Mode in the DESCRIPTION Section.

DESCRIPTION    [Toc]    [Back]

       You  can  use  either symbolic or absolute mode to specify
       the desired permission settings.

       You can change the permission code of a file or  directory
       only if you own it or if you have superuser authority.

       [Tru64  UNIX]  If  a  named file is a symbolic link, chmod
       changes the mode of the link's target file unless  the  -R
       option  is  used.  If  the -R option is used, chmod leaves
       links and their target files untouched.

   Symbolic Mode    [Toc]    [Back]
       A symbolic mode has the form: [who]  operation  permission
       [operation permission] ...

       The  who  argument specifies whether you are defining permissions
 for a user, group, or all others, or any combination
  of  these.  The operation argument specifies whether
       the permission is being added,  taken  away,  or  assigned
       absolutely.  The permission argument identifies the operation
 that the specified users can perform on file.

       Valid options for the who argument are  as  follows:  User
       (owner) Group All others User, group, and all others (same
       effect as the combination ugo)

       [Tru64 UNIX]  If the who argument is omitted, the  default
       is  a,  but  the  setting of the file creation mask, umask
       (see umask(1), csh, ksh, sh), is applied.

       Valid options for the operation argument are  as  follows:
       Removes  specified  permissions.   Adds  specified permissions.
  Clears the selected permission field and  sets  it
       to the code specified.  If you do not specify a permission
       code following =, chmod removes all permissions  from  the
       selected field.

       Valid  options for the permission argument are as follows:
       Read permission.  Write  permission.   Execute  permission
       for  files,  search  permission  for directories.  Execute
       permission only if file is a directory  or  at  least  one
       execute  bit  is set.  Set-user-ID or set-group-ID permission.

              This permission bit sets the effective user  ID  or
              group  ID  to  that  of the owner or group owner of
              file whenever the file is run.  Use this permission
              setting  in  combination  with the u or g option to
              allow temporary or restricted access to  files  not
              normally  accessible  to other users.  An s appears
              in the user or group execute  position  of  a  long
              listing  (see  ls)  to show that the file runs with
              set-user-ID  or  set-group-ID  permission.   [Tru64
              UNIX]  Save text permission.

              [Tru64  UNIX]  In earlier versions of the UNIX system,
 setting this permission bit  caused  the  text
              segment  of  a  program to remain in virtual memory
              after its first use.  The system thus avoided  having
  to  transfer  the  program  code of frequently
              accessed  programs  into  the  paging  area.   A  t
              appears  in  the execute position of the all others
              option to indicate that the file has this bit  (the
              sticky bit) set.

              [Tru64 UNIX]  If a directory has this bit set, then
              deletion in it is restricted.  An entry in a sticky
              directory  can be removed or renamed by a user only
              if the user has write permission for the  directory
              and the user is the owner of the file, the owner of
              the   directory,   or   the   superuser.     [Tru64
              UNIX]  Mandatory locking.

              [Tru64  UNIX]  Mandatory  file  and  record locking
              refers to a file's ability to have read  and  write
              permissions   locked   while   another  program  is
              accessing that file.  It is not possible to  permit
              group  execution  and enable a file to be locked on
              an execution  at the same time.  In addition, it is
              not  possible  to  turn on the set-group-ID bit and
              enable a file to be locked on execution at the same
              time.   In  order  to turn on a file's set-group-ID
              bit, your own  group  ID  must  correspond  to  the
              file's and group execution must be set.

       The  u, g, and o options indicate that permission is to be
       taken from the current mode.  Omitting permission is  only
       useful with = to take away all permissions.

       All  permission bits not explicitly specified are cleared.

       You can specify multiple symbolic  modes,  separated  with
       commas.   Do  not separate items in this list with spaces.
       Operations are performed in the  order  they  appear  from
       left to right.

   Absolute Mode    [Toc]    [Back]
       Absolute  mode lets you use octal notation to set each bit
       in the permission code.  The chmod command sets  the  permissions
  to the permission_code you provide.  The permission_code
 is constructed by  combining  (logical  OR)  the
       following  values:  Sets user ID on execution.  Sets group
       ID on execution.  [Tru64 UNIX]  Sets the sticky bit, which
       does  the  following:  [Tru64  UNIX]  Retains memory image
       after execution (executable file) [Tru64  UNIX]  Restricts
       file removal (directory file)

              [Tru64  UNIX]  You must have appropriate privileges
              to set the sticky bit.  See chmod(2).  Permits read
              by owner.  Permits write by owner.  Permits execute
              or search by owner.  Permits read by  group.   Permits
  write by group.  Permits execute or search by
              group.  Permits read by others.  Permits  write  by
              others.  Permits execute or search by others.

   System V Compatibility    [Toc]    [Back]
       [Tru64 UNIX]  The root of the directory tree that contains
       the commands modified for SVID 2 compliance  is  specified
       in  the  file /etc/svid2_path. You can use /etc/svid2_profile
  as  the  basis  for,  or   to   include   in,   your
       /etc/svid2_profile  reads  /etc/svid2_path  and  sets  the
       first entries in the PATH environment variable so that the
       modified SVID 2 commands are found first.

       [Tru64  UNIX]  The  SVID  2 compliant version of the chmod
       command ignores the umask value if who is not specified in
       the  symbolic  mode  of the command (chmod [who] operation
       permission).  In other words, if you  omit  who  from  the
       chmod  command  line,  the  version of the command that is
       compliant with the SVID 2 standard behaves exactly  as  if
       you  specified  the character a as the value for who.  The
       version of the chmod command that is SVID 2 compliant also
       supports equivalents in absolute mode for the s permission
       in symbolic mode.  In  absolute  mode,  setting  the  bits
       04000  represents  set-user-ID  and setting the bits 02000
       represents set-group-ID.

NOTES    [Toc]    [Back]

       The correspondence between octal value  and  mode  bit  is
       given in the following table.

       Octal Value   Symbolic Mode   Meaning
       S_ISUID       4000            set user id on execution
       S_ISGID       2000            set group id on execution
       S_IRUSR       0400            read permission: owner
       S_IWUSR       0200            write permission: owner
       S_IXUSR       0100            execute/search  permission:
       S_IRGRP       0040            read permission: group
       S_IWGRP       0020            write permission: group
       S_IXGRP       0010            execute/search  permission:
       S_IROTH       0004            read permission: other
       S_IWOTH       0002            write permission: other
       S_IXOTH       0001            execute/search  permission:

EXIT STATUS    [Toc]    [Back]

       The following exit values are returned: Successful completion.
  An error occurred.

EXAMPLES    [Toc]    [Back]

       To add a type of permission to several files, enter: chmod
       g+w chap1 chap2

              This adds write permission for group members to the
              files  chap1 and chap2.  To make several permission
              changes at once, enter: chmod go-w+x mydir

              This denies group members and others the permission
              to  create  or  delete  files  in mydir (go-w).  It
              allows them to search mydir or use it in a pathname
              (go+x). This is equivalent to the following command
              sequence: chmod g-w mydir chmod o-w mydir chmod g+x
              mydir  chmod  o+x mydir To permit only the owner to
              use a shell procedure as a  command,  enter:  chmod
              u=rwx,go= cmd

              This  gives  read, write, and execute permission to
              the user who owns the file (u=rwx).  It also denies
              the  group  and others the permission to access cmd
              in any way (go=).

              If you have permission to  execute  the  cmd  shell
              command file, you can run it by entering: cmd

              or ./cmd To use set-ID modes, enter: chmod ug+s cmd

              When cmd is executed,  this  causes  the  effective
              user  and group IDs to be set to those that own the
              file cmd.  Only the effective IDs  associated  with
              the  subprocess  that  runs  cmd  are changed.  The
              effective  IDs  of   the   shell   session   remain

              This feature allows you to permit restricted access
              to important files.  Suppose that the file cmd  has
              the set-user-ID mode enabled and is owned by a user
              called dbms.  Although dbms is not actually a  person,
 it might be associated with a database management
 system.  The user betty does not have  permission
  to access any of dbms's data files.  However,
              she does have permission to execute cmd.  When  she
              does  so,  her  effective  user  ID  is temporarily
              changed to dbms, so that the cmd program can access
              the data files owned by dbms.

              This  way  betty  can  use  cmd  to access the data
              files, but she cannot accidentally damage them with
              the  standard  shell commands.  To use the absolute
              mode form of the chmod command,  enter:  chmod  644

              This  sets read and write permission for the owner,
              and it sets read-only mode for the  group  and  all


       The  following  environment variables affect the execution
       of chmod: Provides a default value for the  internationalization
 variables that are unset or null. If LANG is unset
       or null, the corresponding value from the  default  locale
       is  used.   If  any  of the internationalization variables
       contain an invalid setting, the utility behaves as if none
       of  the variables had been defined.  If set to a non-empty
       string value, overrides the values of all the other internationalization
  variables.  Determines the locale for the
       interpretation of sequences of bytes of text data as characters
  (for  example, single-byte as opposed to multibyte
       characters in arguments).  Determines the locale  for  the
       format  and  contents  of  diagnostic  messages written to
       standard error.  Determines the location of message  catalogues
 for the processing of LC_MESSAGES.

FILES    [Toc]    [Back]

       [Tru64  UNIX]  Defines the correspondence between symbolic
       codes and octal mode values.

SEE ALSO    [Toc]    [Back]

       Commands:  chgrp(1),  chown(1),  csh(1),  ksh(1),   ls(1),
       Bourne shell sh(1b), POSIX shell sh(1p), umask(1)

       Functions:  chown(2), chmod(2), stat(2), umask(2)

       Standards:  standards(5)

[ Back ]
 Similar pages
Name OS Title
acl_get_perm_np FreeBSD check if a permission is set in a permission set
err Tru64 Error codes
openssl_err NetBSD error codes
sysexits OpenBSD preferable exit codes for programs
gss_display_status Tru64 Convert GSS-API return codes to text.
sysexits FreeBSD preferable exit codes for programs
showkey Linux examine the scan codes and keycodes sent by the keyboard
st_lang_str Tru64 translate symbol table codes to printable strings
CDsbtoa IRIX convert six-bit country and owner codes to ASCII string
DTsbtoa IRIX convert six-bit country and owner codes to ASCII string
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service