1CHMOD(1P) POSIX Programmer's Manual CHMOD(1P)
2
6 This manual page is part of the POSIX Programmer's Manual. The Linux
7 implementation of this interface may differ (consult the corresponding
8 Linux manual page for details of Linux behavior), or the interface may
9 not be implemented on Linux.
10
12 chmod — change the file modes
13
15 chmod [-R] mode file...
16
18 The chmod utility shall change any or all of the file mode bits of the
19 file named by each file operand in the way specified by the mode oper‐
20 and.
21 It is implementation-defined whether and how the chmod utility affects
23 any alternate or additional file access control mechanism (see the Base
24 Definitions volume of POSIX.1‐2017, Section 4.5, File Access Permis‐
25 sions) being used for the specified file.
26 Only a process whose effective user ID matches the user ID of the file,
28 or a process with appropriate privileges, shall be permitted to change
29 the file mode bits of a file.
30 Upon successfully changing the file mode bits of a file, the chmod
32 utility shall mark for update the last file status change timestamp of
33 the file.
34
36 The chmod utility shall conform to the Base Definitions volume of
37 POSIX.1‐2017, Section 12.2, Utility Syntax Guidelines.
38 The following option shall be supported:
40 -R Recursively change file mode bits. For each file operand that
42 names a directory, chmod shall change the file mode bits of
43 the directory and all files in the file hierarchy below it.
44
46 The following operands shall be supported:
47 mode Represents the change to be made to the file mode bits of
49 each file named by one of the file operands; see the EXTENDED
50 DESCRIPTION section.
51 file A pathname of a file whose file mode bits shall be modified.
53
55 Not used.
56
58 None.
59
61 The following environment variables shall affect the execution of
62 chmod:
63 LANG Provide a default value for the internationalization vari‐
65 ables that are unset or null. (See the Base Definitions vol‐
66 ume of POSIX.1‐2017, Section 8.2, Internationalization Vari‐
67 ables for the precedence of internationalization variables
68 used to determine the values of locale categories.)
69 LC_ALL If set to a non-empty string value, override the values of
71 all the other internationalization variables.
72 LC_CTYPE Determine the locale for the interpretation of sequences of
74 bytes of text data as characters (for example, single-byte as
75 opposed to multi-byte characters in arguments).
76 LC_MESSAGES
78 Determine the locale that should be used to affect the format
79 and contents of diagnostic messages written to standard
80 error.
81 NLSPATH Determine the location of message catalogs for the processing
83 of LC_MESSAGES.
84
86 Default.
87
89 Not used.
90
92 The standard error shall be used only for diagnostic messages.
93
95 None.
96
98 The mode operand shall be either a symbolic_mode expression or a non-
99 negative octal integer. The symbolic_mode form is described by the
100 grammar later in this section.
101 Each clause shall specify an operation to be performed on the current
103 file mode bits of each file. The operations shall be performed on each
104 file in the order in which the clauses are specified.
105 The who symbols u, g, and o shall specify the user, group, and other
107 parts of the file mode bits, respectively. A who consisting of the sym‐
108 bol a shall be equivalent to ugo.
109 The perm symbols r, w, and x represent the read, write, and exe‐
111 cute/search portions of file mode bits, respectively. The perm symbol s
112 shall represent the set-user-ID-on-execution (when who contains or
113 implies u) and set-group-ID-on-execution (when who contains or implies
114 g) bits.
115 The perm symbol X shall represent the execute/search portion of the
117 file mode bits if the file is a directory or if the current (unmodi‐
118 fied) file mode bits have at least one of the execute bits (S_IXUSR,
119 S_IXGRP, or S_IXOTH) set. It shall be ignored if the file is not a
120 directory and none of the execute bits are set in the current file mode
121 bits.
122 The permcopy symbols u, g, and o shall represent the current permis‐
124 sions associated with the user, group, and other parts of the file mode
125 bits, respectively. For the remainder of this section, perm refers to
126 the non-terminals perm and permcopy in the grammar.
127 If multiple actionlists are grouped with a single wholist in the gram‐
129 mar, each actionlist shall be applied in the order specified with that
130 wholist. The op symbols shall represent the operation performed, as
131 follows:
132 + If perm is not specified, the '+' operation shall not change the
134 file mode bits.
135 If who is not specified, the file mode bits represented by perm
137 for the owner, group, and other permissions, except for those
138 with corresponding bits in the file mode creation mask of the
139 invoking process, shall be set.
140 Otherwise, the file mode bits represented by the specified who
142 and perm values shall be set.
143 - If perm is not specified, the '-' operation shall not change the
145 file mode bits.
146 If who is not specified, the file mode bits represented by perm
148 for the owner, group, and other permissions, except for those
149 with corresponding bits in the file mode creation mask of the
150 invoking process, shall be cleared.
151 Otherwise, the file mode bits represented by the specified who
153 and perm values shall be cleared.
154 = Clear the file mode bits specified by the who value, or, if no
156 who value is specified, all of the file mode bits specified in
157 this volume of POSIX.1‐2017.
158 If perm is not specified, the '=' operation shall make no further
160 modifications to the file mode bits.
161 If who is not specified, the file mode bits represented by perm
163 for the owner, group, and other permissions, except for those
164 with corresponding bits in the file mode creation mask of the
165 invoking process, shall be set.
166 Otherwise, the file mode bits represented by the specified who
168 and perm values shall be set.
169 When using the symbolic mode form on a regular file, it is implementa‐
171 tion-defined whether or not:
172 * Requests to set the set-user-ID-on-execution or set-group-ID-on-
174 execution bit when all execute bits are currently clear and none
175 are being set are ignored.
176 * Requests to clear all execute bits also clear the set-user-ID-on-
178 execution and set-group-ID-on-execution bits.
179 * Requests to clear the set-user-ID-on-execution or set-group-ID-on-
181 execution bits when all execute bits are currently clear are
182 ignored. However, if the command ls -l file writes an s in the
183 position indicating that the set-user-ID-on-execution or set-group-
184 ID-on-execution is set, the commands chmod u-s file or chmod g-s
185 file, respectively, shall not be ignored.
186 When using the symbolic mode form on other file types, it is implemen‐
188 tation-defined whether or not requests to set or clear the set-user-ID-
189 on-execution or set-group-ID-on-execution bits are honored.
190 If the who symbol o is used in conjunction with the perm symbol s with
192 no other who symbols being specified, the set-user-ID-on-execution and
193 set-group-ID-on-execution bits shall not be modified. It shall not be
194 an error to specify the who symbol o in conjunction with the perm sym‐
195 bol s.
196 The perm symbol t shall specify the S_ISVTX bit. When used with a file
198 of type directory, it can be used with the who symbol a, or with no who
199 symbol. It shall not be an error to specify a who symbol of u, g, or o
200 in conjunction with the perm symbol t, but the meaning of these combi‐
201 nations is unspecified. The effect when using the perm symbol t with
202 any file type other than directory is unspecified.
203 For an octal integer mode operand, the file mode bits shall be set
205 absolutely.
206 For each bit set in the octal number, the corresponding file permission
208 bit shown in the following table shall be set; all other file permis‐
209 sion bits shall be cleared. For regular files, for each bit set in the
210 octal number corresponding to the set-user-ID-on-execution or the set-
211 group-ID-on-execution, bits shown in the following table shall be set;
212 if these bits are not set in the octal number, they are cleared. For
213 other file types, it is implementation-defined whether or not requests
214 to set or clear the set-user-ID-on-execution or set-group-ID-on-execu‐
215 tion bits are honored.
216 ┌─────────────────┬──────────────────┬──────────────────┬──────────────────┐
218 │Octal Mode Bit │ Octal Mode Bit │ Octal Mode Bit │ Octal Mode Bit │
219 ├─────────────────┼──────────────────┼──────────────────┼──────────────────┤
220 │4000 S_ISUID │ 0400 S_IRUSR │ 0040 S_IRGRP │ 0004 S_IROTH │
221 ├─────────────────┼──────────────────┼──────────────────┼──────────────────┤
222 │2000 S_ISGID │ 0200 S_IWUSR │ 0020 S_IWGRP │ 0002 S_IWOTH │
223 ├─────────────────┼──────────────────┼──────────────────┼──────────────────┤
224 │1000 S_ISVTX │ 0100 S_IXUSR │ 0010 S_IXGRP │ 0001 S_IXOTH │
225 └─────────────────┴──────────────────┴──────────────────┴──────────────────┘
226 When bits are set in the octal number other than those listed in the
227 table above, the behavior is unspecified.
228 Grammar for chmod
230 The grammar and lexical conventions in this section describe the syntax
231 for the symbolic_mode operand. The general conventions for this style
232 of grammar are described in Section 1.3, Grammar Conventions. A valid
233 symbolic_mode can be represented as the non-terminal symbol sym‐
234 bolic_mode in the grammar. This formal syntax shall take precedence
235 over the preceding text syntax description.
236 The lexical processing is based entirely on single characters. Imple‐
238 mentations need not allow <blank> characters within the single argument
239 being processed.
240 %start symbolic_mode
243 %%
244 symbolic_mode : clause
246 | symbolic_mode ',' clause
247 ;
248 clause : actionlist
250 | wholist actionlist
251 ;
252 wholist : who
254 | wholist who
255 ;
256 who : 'u' | 'g' | 'o' | 'a'
258 ;
259 actionlist : action
261 | actionlist action
262 ;
263 action : op
265 | op permlist
266 | op permcopy
267 ;
268 permcopy : 'u' | 'g' | 'o'
270 ;
271 op : '+' | '-' | '='
273 ;
274 permlist : perm
276 | perm permlist
277 ;
278 perm : 'r' | 'w' | 'x' | 'X' | 's' | 't'
280 ;
281
283 The following exit values shall be returned:
284 0 The utility executed successfully and all requested changes were
286 made.
287 >0 An error occurred.
289
291 Default.
292 The following sections are informative.
294
296 Some implementations of the chmod utility change the mode of a direc‐
297 tory before the files in the directory when performing a recursive (-R
298 option) change; others change the directory mode after the files in the
299 directory. If an application tries to remove read or search permission
300 for a file hierarchy, the removal attempt fails if the directory is
301 changed first; on the other hand, trying to re-enable permissions to a
302 restricted hierarchy fails if directories are changed last. Users
303 should not try to make a hierarchy inaccessible to themselves.
304 Some implementations of chmod never used the umask of the process when
306 changing modes; systems conformant with this volume of POSIX.1‐2017 do
307 so when who is not specified. Note the difference between:
308 chmod a-w file
311 which removes all write permissions, and:
313 chmod -- -w file
316 which removes write permissions that would be allowed if file was cre‐
318 ated with the same umask.
319 Conforming applications should never assume that they know how the set-
321 user-ID and set-group-ID bits on directories are interpreted.
322
324 ┌──────┬────────────────────────────────┐
325 │Mode │ Results │
326 ├──────┼────────────────────────────────┤
327 │a+= │ Equivalent to a+,a=; clears │
328 │ │ all file mode bits. │
329 │go+-w │ Equivalent to go+,go-w; clears │
330 │ │ group and other write bits. │
331 │g=o-w │ Equivalent to g=o,g-w; sets │
332 │ │ group bit to match other bits │
333 │ │ and then clears group write │
334 │ │ bit. │
335 │g-r+w │ Equivalent to g-r,g+w; clears │
336 │ │ group read bit and sets group │
337 │ │ write bit. │
338 │uo=g │ Sets owner bits to match group │
339 │ │ bits and sets other bits to │
340 │ │ match group bits. │
341 └──────┴────────────────────────────────┘
343 The functionality of chmod is described substantially through refer‐
344 ences to concepts defined in the System Interfaces volume of
345 POSIX.1‐2017. In this way, there is less duplication of effort required
346 for describing the interactions of permissions. However, the behavior
347 of this utility is not described in terms of the chmod() function from
348 the System Interfaces volume of POSIX.1‐2017 because that specification
349 requires certain side-effects upon alternate file access control mecha‐
350 nisms that might not be appropriate, depending on the implementation.
351 Implementations that support mandatory file and record locking as spec‐
353 ified by the 1984 /usr/group standard historically used the combination
354 of set-group-ID bit set and group execute bit clear to indicate manda‐
355 tory locking. This condition is usually set or cleared with the sym‐
356 bolic mode perm symbol l instead of the perm symbols s and x so that
357 the mandatory locking mode is not changed without explicit indication
358 that that was what the user intended. Therefore, the details on how the
359 implementation treats these conditions must be defined in the documen‐
360 tation. This volume of POSIX.1‐2017 does not require mandatory locking
361 (nor does the System Interfaces volume of POSIX.1‐2017), but does allow
362 it as an extension. However, this volume of POSIX.1‐2017 does require
363 that the ls and chmod utilities work consistently in this area. If ls
364 -l file indicates that the set-group-ID bit is set, chmod g-s file must
365 clear it (assuming appropriate privileges exist to change modes).
366 The System V and BSD versions use different exit status codes. Some
368 implementations used the exit status as a count of the number of errors
369 that occurred; this practice is unworkable since it can overflow the
370 range of valid exit status values. This problem is avoided here by
371 specifying only 0 and >0 as exit values.
372 The System Interfaces volume of POSIX.1‐2017 indicates that implementa‐
374 tion-defined restrictions may cause the S_ISUID and S_ISGID bits to be
375 ignored. This volume of POSIX.1‐2017 allows the chmod utility to choose
376 to modify these bits before calling chmod() (or some function providing
377 equivalent capabilities) for non-regular files. Among other things,
378 this allows implementations that use the set-user-ID and set-group-ID
379 bits on directories to enable extended features to handle these exten‐
380 sions in an intelligent manner.
381 The X perm symbol was adopted from BSD-based systems because it pro‐
383 vides commonly desired functionality when doing recursive (-R option)
384 modifications. Similar functionality is not provided by the find util‐
385 ity. Historical BSD versions of chmod, however, only supported X with
386 op+; it has been extended in this volume of POSIX.1‐2017 because it is
387 also useful with op=. (It has also been added for op- even though it
388 duplicates x, in this case, because it is intuitive and easier to
389 explain.)
390 The grammar was extended with the permcopy non-terminal to allow his‐
392 torical-practice forms of symbolic modes like o=u -g (that is, set the
393 ``other'' permissions to the permissions of ``owner'' minus the permis‐
394 sions of ``group'').
395
397 None.
398
400 ls, umask
401 The Base Definitions volume of POSIX.1‐2017, Section 4.5, File Access
403 Permissions, Chapter 8, Environment Variables, Section 12.2, Utility
404 Syntax Guidelines
405 The System Interfaces volume of POSIX.1‐2017, chmod()
407
409 Portions of this text are reprinted and reproduced in electronic form
410 from IEEE Std 1003.1-2017, Standard for Information Technology -- Por‐
411 table Operating System Interface (POSIX), The Open Group Base Specifi‐
412 cations Issue 7, 2018 Edition, Copyright (C) 2018 by the Institute of
413 Electrical and Electronics Engineers, Inc and The Open Group. In the
414 event of any discrepancy between this version and the original IEEE and
415 The Open Group Standard, the original IEEE and The Open Group Standard
416 is the referee document. The original Standard can be obtained online
417 at http://www.opengroup.org/unix/online.html .
418 Any typographical or formatting errors that appear in this page are
420 most likely to have been introduced during the conversion of the source
421 files to man page format. To report such errors, see https://www.ker‐
422 nel.org/doc/man-pages/reporting_bugs.html .
423IEEE/The Open Group 2017 CHMOD(1P)