1 .\" Copyright (c) 1992 Drew Eckhardt (drew@cs.colorado.edu), March 28, 1992
2 .\" and Copyright (C) 2006, 2014 Michael Kerrisk
4 .\" %%%LICENSE_START(VERBATIM)
5 .\" Permission is granted to make and distribute verbatim copies of this
6 .\" manual provided the copyright notice and this permission notice are
7 .\" preserved on all copies.
9 .\" Permission is granted to copy and distribute modified versions of this
10 .\" manual under the conditions for verbatim copying, provided that the
11 .\" entire resulting derived work is distributed under the terms of a
12 .\" permission notice identical to this one.
14 .\" Since the Linux kernel and libraries are constantly changing, this
15 .\" manual page may be incorrect or out-of-date. The author(s) assume no
16 .\" responsibility for errors or omissions, or for damages resulting from
17 .\" the use of the information contained herein. The author(s) may not
18 .\" have taken the same level of care in the production of this manual,
19 .\" which is licensed free of charge, as they might when working
22 .\" Formatted or processed versions of this manual, if unaccompanied by
23 .\" the source, must acknowledge the copyright and authors of this work.
26 .\" Modified by Michael Haardt <michael@moria.de>
27 .\" Modified 1993-07-21 by Rik Faith <faith@cs.unc.edu>
28 .\" Modified 1997-01-12 by Michael Haardt
29 .\" <michael@cantor.informatik.rwth-aachen.de>: NFS details
30 .\" Modified 2004-06-23 by Michael Kerrisk <mtk.manpages@gmail.com>
32 .TH CHMOD 2 2014-02-21 "Linux" "Linux Programmer's Manual"
34 chmod, fchmod, fchmodat \- change permissions of a file
37 .B #include <sys/stat.h>
39 .BI "int chmod(const char *" pathname ", mode_t " mode );
41 .BI "int fchmod(int " fd ", mode_t " mode );
43 .BR "#include <fcntl.h>" " /* Definition of AT_* constants */"
44 .B #include <sys/stat.h>
46 .BI "int fchmodat(int " dirfd ", const char *" pathname ", mode_t " \
47 mode ", int " flags );
51 Feature Test Macro Requirements for glibc (see
52 .BR feature_test_macros (7)):
60 _XOPEN_SOURCE\ >=\ 500 ||
61 _XOPEN_SOURCE\ &&\ _XOPEN_SOURCE_EXTENDED
63 || /* Since glibc 2.12: */ _POSIX_C_SOURCE\ >=\ 200809L
73 _XOPEN_SOURCE\ >=\ 700 || _POSIX_C_SOURCE\ >=\ 200809L
86 system calls change the permissions of a file.
87 They differ only in how the file is specified:
90 changes the permissions of the file specified whose pathname is given in
92 which is dereferenced if it is a symbolic link.
95 changes the permissions of the file referred to by the open file descriptor
98 The new file permissions are specified in
100 which is a bit mask created by ORing together zero or
101 more of the following:
103 .BR S_ISUID " (04000)"
104 set-user-ID (set process effective user ID on
107 .BR S_ISGID " (02000)"
108 set-group-ID (set process effective group ID on
110 mandatory locking, as described in
112 take a new file's group from parent directory, as described in
117 .BR S_ISVTX " (01000)"
118 sticky bit (restricted deletion flag, as described in
121 .BR S_IRUSR " (00400)"
124 .BR S_IWUSR " (00200)"
127 .BR S_IXUSR " (00100)"
128 execute/search by owner ("search" applies for directories,
129 and means that entries within the directory can be accessed)
131 .BR S_IRGRP " (00040)"
134 .BR S_IWGRP " (00020)"
137 .BR S_IXGRP " (00010)"
138 execute/search by group
140 .BR S_IROTH " (00004)"
143 .BR S_IWOTH " (00002)"
146 .BR S_IXOTH " (00001)"
147 execute/search by others
149 The effective UID of the calling process must match the owner of the file,
150 or the process must be privileged (Linux: it must have the
154 If the calling process is not privileged (Linux: does not have the
156 capability), and the group of the file does not match
157 the effective group ID of the process or one of its
158 supplementary group IDs, the
160 bit will be turned off,
161 but this will not cause an error to be returned.
163 As a security measure, depending on the filesystem,
164 the set-user-ID and set-group-ID execution bits
165 may be turned off if a file is written.
166 (On Linux this occurs if the writing process does not have the
169 On some filesystems, only the superuser can set the sticky bit,
170 which may have a special meaning.
171 For the sticky bit, and for set-user-ID and set-group-ID bits on
175 On NFS filesystems, restricting the permissions will immediately influence
176 already open files, because the access control is done on the server, but
177 open files are maintained by the client.
178 Widening the permissions may be
179 delayed for other clients if attribute caching is enabled on them.
185 system call operates in exactly the same way as
187 except for the differences described here.
189 If the pathname given in
191 is relative, then it is interpreted relative to the directory
192 referred to by the file descriptor
194 (rather than relative to the current working directory of
195 the calling process, as is done by
197 for a relative pathname).
207 is interpreted relative to the current working
208 directory of the calling process (like
218 can either be 0, or include the following flag:
220 .B AT_SYMLINK_NOFOLLOW
223 is a symbolic link, do not dereference it:
224 instead operate on the link itself.
225 This flag is not currently implemented.
229 for an explanation of the need for
232 On success, zero is returned.
233 On error, \-1 is returned, and
235 is set appropriately.
237 Depending on the filesystem,
238 errors other than those listed below can be returned.
240 The more general errors for
245 Search permission is denied on a component of the path prefix.
247 .BR path_resolution (7).)
251 points outside your accessible address space.
254 An I/O error occurred.
257 Too many symbolic links were encountered in resolving
265 The file does not exist.
268 Insufficient kernel memory was available.
271 A component of the path prefix is not a directory.
274 The effective UID does not match the owner of the file,
275 and the process is not privileged (Linux: it does not have the
280 The named file resides on a read-only filesystem.
282 The general errors for
300 The same errors that occur for
304 The following additional errors can occur for
309 is not a valid file descriptor.
312 Invalid flag specified in
319 is a file descriptor referring to a file other than a directory.
324 .BR AT_SYMLINK_NOFOLLOW ,
325 which is not supported.
328 was added to Linux in kernel 2.6.16;
329 library support was added to glibc in version 2.4.
333 4.4BSD, SVr4, POSIX.1-2001i, POSIX.1-2008.
340 wrapper function implements the POSIX-specified
341 interface described in this page.
342 This interface differs from the underlying Linux system call, which does
352 .BR path_resolution (7),
355 This page is part of release 3.67 of the Linux
358 A description of the project,
359 information about reporting bugs,
360 and the latest version of this page,
362 \%http://www.kernel.org/doc/man\-pages/.