1CHMOD(3P) POSIX Programmer's Manual CHMOD(3P)
2
6 This manual page is part of the POSIX Programmer's Manual. The Linux
7 implementation of this interface may differ (consult the corresponding
8 Linux manual page for details of Linux behavior), or the interface may
9 not be implemented on Linux.
10
13 chmod, fchmodat — change mode of a file relative to directory file
14 descriptor
15
17 #include <sys/stat.h>
18 int chmod(const char *path, mode_t mode);
20 int fchmodat(int fd, const char *path, mode_t mode, int flag);
21
23 The chmod() function shall change S_ISUID, S_ISGID, S_ISVTX, and the
24 file permission bits of the file named by the pathname pointed to by
25 the path argument to the corresponding bits in the mode argument. The
26 application shall ensure that the effective user ID of the process
27 matches the owner of the file or the process has appropriate privileges
28 in order to do this.
29 S_ISUID, S_ISGID, S_ISVTX, and the file permission bits are described
31 in <sys/stat.h>.
32 If the calling process does not have appropriate privileges, and if the
34 group ID of the file does not match the effective group ID or one of
35 the supplementary group IDs and if the file is a regular file, bit
36 S_ISGID (set-group-ID on execution) in the file's mode shall be cleared
37 upon successful return from chmod().
38 Additional implementation-defined restrictions may cause the S_ISUID
40 and S_ISGID bits in mode to be ignored.
41 Upon successful completion, chmod() shall mark for update the last file
43 status change timestamp of the file.
44 The fchmodat() function shall be equivalent to the chmod() function
46 except in the case where path specifies a relative path. In this case
47 the file to be changed is determined relative to the directory associ‐
48 ated with the file descriptor fd instead of the current working direc‐
49 tory. If the file descriptor was opened without O_SEARCH, the function
50 shall check whether directory searches are permitted using the current
51 permissions of the directory underlying the file descriptor. If the
52 file descriptor was opened with O_SEARCH, the function shall not per‐
53 form the check.
54 Values for flag are constructed by a bitwise-inclusive OR of flags from
56 the following list, defined in <fcntl.h>:
57 AT_SYMLINK_NOFOLLOW
59 If path names a symbolic link, then the mode of the symbolic link
60 is changed.
61 If fchmodat() is passed the special value AT_FDCWD in the fd parameter,
63 the current working directory shall be used. If also flag is zero, the
64 behavior shall be identical to a call to chmod().
65
67 Upon successful completion, these functions shall return 0. Otherwise,
68 these functions shall return −1 and set errno to indicate the error. If
69 −1 is returned, no change to the file mode occurs.
70
72 These functions shall fail if:
73 EACCES Search permission is denied on a component of the path prefix.
75 ELOOP A loop exists in symbolic links encountered during resolution of
77 the path argument.
78 ENAMETOOLONG
80 The length of a component of a pathname is longer than
81 {NAME_MAX}.
82 ENOENT A component of path does not name an existing file or path is an
84 empty string.
85 ENOTDIR
87 A component of the path prefix names an existing file that is
88 neither a directory nor a symbolic link to a directory, or the
89 path argument contains at least one non-<slash> character and
90 ends with one or more trailing <slash> characters and the last
91 pathname component names an existing file that is neither a
92 directory nor a symbolic link to a directory.
93 EPERM The effective user ID does not match the owner of the file and
95 the process does not have appropriate privileges.
96 EROFS The named file resides on a read-only file system.
98 The fchmodat() function shall fail if:
100 EACCES fd was not opened with O_SEARCH and the permissions of the
102 directory underlying fd do not permit directory searches.
103 EBADF The path argument does not specify an absolute path and the fd
105 argument is neither AT_FDCWD nor a valid file descriptor open
106 for reading or searching.
107 ENOTDIR
109 The path argument is not an absolute path and fd is a file
110 descriptor associated with a non-directory file.
111 These functions may fail if:
113 EINTR A signal was caught during execution of the function.
115 EINVAL The value of the mode argument is invalid.
117 ELOOP More than {SYMLOOP_MAX} symbolic links were encountered during
119 resolution of the path argument.
120 ENAMETOOLONG
122 The length of a pathname exceeds {PATH_MAX}, or pathname resolu‐
123 tion of a symbolic link produced an intermediate result with a
124 length that exceeds {PATH_MAX}.
125 The fchmodat() function may fail if:
127 EINVAL The value of the flag argument is invalid.
129 EOPNOTSUPP
131 The AT_SYMLINK_NOFOLLOW bit is set in the flag argument, path
132 names a symbolic link, and the system does not support changing
133 the mode of a symbolic link.
134 The following sections are informative.
136
138 Setting Read Permissions for User, Group, and Others
139 The following example sets read permissions for the owner, group, and
140 others.
141 #include <sys/stat.h>
143 const char *path;
145 ...
146 chmod(path, S_IRUSR|S_IRGRP|S_IROTH);
147 Setting Read, Write, and Execute Permissions for the Owner Only
149 The following example sets read, write, and execute permissions for the
150 owner, and no permissions for group and others.
151 #include <sys/stat.h>
153 const char *path;
155 ...
156 chmod(path, S_IRWXU);
157 Setting Different Permissions for Owner, Group, and Other
159 The following example sets owner permissions for CHANGEFILE to read,
160 write, and execute, group permissions to read and execute, and other
161 permissions to read.
162 #include <sys/stat.h>
164 #define CHANGEFILE "/etc/myfile"
166 ...
167 chmod(CHANGEFILE, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH);
168 Setting and Checking File Permissions
170 The following example sets the file permission bits for a file named
171 /home/cnd/mod1, then calls the stat() function to verify the permis‐
172 sions.
173 #include <sys/types.h>
175 #include <sys/stat.h>
176 int status;
178 struct stat buffer
179 ...
180 chmod("home/cnd/mod1", S_IRWXU|S_IRWXG|S_IROTH|S_IWOTH);
181 status = stat("home/cnd/mod1", &buffer;);
182
184 In order to ensure that the S_ISUID and S_ISGID bits are set, an appli‐
185 cation requiring this should use stat() after a successful chmod() to
186 verify this.
187 Any file descriptors currently open by any process on the file could
189 possibly become invalid if the mode of the file is changed to a value
190 which would deny access to that process. One situation where this could
191 occur is on a stateless file system. This behavior will not occur in a
192 conforming environment.
193
195 This volume of POSIX.1‐2008 specifies that the S_ISGID bit is cleared
196 by chmod() on a regular file under certain conditions. This is speci‐
197 fied on the assumption that regular files may be executed, and the sys‐
198 tem should prevent users from making executable setgid() files perform
199 with privileges that the caller does not have. On implementations that
200 support execution of other file types, the S_ISGID bit should be
201 cleared for those file types under the same circumstances.
202 Implementations that use the S_ISUID bit to indicate some other func‐
204 tion (for example, mandatory record locking) on non-executable files
205 need not clear this bit on writing. They should clear the bit for exe‐
206 cutable files and any other cases where the bit grants special powers
207 to processes that change the file contents. Similar comments apply to
208 the S_ISGID bit.
209 The purpose of the fchmodat() function is to enable changing the mode
211 of files in directories other than the current working directory with‐
212 out exposure to race conditions. Any part of the path of a file could
213 be changed in parallel to a call to chmod(), resulting in unspecified
214 behavior. By opening a file descriptor for the target directory and
215 using the fchmodat() function it can be guaranteed that the changed
216 file is located relative to the desired directory. Some implementations
217 might allow changing the mode of symbolic links. This is not supported
218 by the interfaces in the POSIX specification. Systems with such support
219 provide an interface named lchmod(). To support such implementations
220 fchmodat() has a flag parameter.
221
223 None.
224
226 access(), chown(), exec, fstatat(), fstatvfs(), mkdir(), mkfifo(),
227 mknod(), open()
228 The Base Definitions volume of POSIX.1‐2008, <fcntl.h>, <sys_stat.h>,
230 <sys_types.h>
231
233 Portions of this text are reprinted and reproduced in electronic form
234 from IEEE Std 1003.1, 2013 Edition, Standard for Information Technology
235 -- Portable Operating System Interface (POSIX), The Open Group Base
236 Specifications Issue 7, Copyright (C) 2013 by the Institute of Electri‐
237 cal and Electronics Engineers, Inc and The Open Group. (This is
238 POSIX.1-2008 with the 2013 Technical Corrigendum 1 applied.) In the
239 event of any discrepancy between this version and the original IEEE and
240 The Open Group Standard, the original IEEE and The Open Group Standard
241 is the referee document. The original Standard can be obtained online
242 at http://www.unix.org/online.html .
243 Any typographical or formatting errors that appear in this page are
245 most likely to have been introduced during the conversion of the source
246 files to man page format. To report such errors, see https://www.ker‐
247 nel.org/doc/man-pages/reporting_bugs.html .
248IEEE/The Open Group 2013 CHMOD(3P)