1CHOWN(2)                   Linux Programmer's Manual                  CHOWN(2)
2
3
4

NAME

6       chown, fchown, lchown, fchownat - change ownership of a file
7

SYNOPSIS

9       #include <unistd.h>
10
11       int chown(const char *pathname, uid_t owner, gid_t group);
12       int fchown(int fd, uid_t owner, gid_t group);
13       int lchown(const char *pathname, uid_t owner, gid_t group);
14
15       #include <fcntl.h>           /* Definition of AT_* constants */
16       #include <unistd.h>
17
18       int fchownat(int dirfd, const char *pathname,
19                    uid_t owner, gid_t group, int flags);
20
21   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
22
23       fchown(), lchown():
24           /* Since glibc 2.12: */ _POSIX_C_SOURCE >= 200809L
25               || _XOPEN_SOURCE >= 500
26               || /* Glibc <= 2.19: */ _BSD_SOURCE
27
28       fchownat():
29           Since glibc 2.10:
30               _POSIX_C_SOURCE >= 200809L
31           Before glibc 2.10:
32               _ATFILE_SOURCE
33

DESCRIPTION

35       These  system calls change the owner and group of a file.  The chown(),
36       fchown(), and lchown() system calls differ only  in  how  the  file  is
37       specified:
38
39       * chown()  changes  the  ownership  of  the file specified by pathname,
40         which is dereferenced if it is a symbolic link.
41
42       * fchown() changes the ownership of the file referred to  by  the  open
43         file descriptor fd.
44
45       * lchown() is like chown(), but does not dereference symbolic links.
46
47       Only  a  privileged  process (Linux: one with the CAP_CHOWN capability)
48       may change the owner of a file.  The owner of a  file  may  change  the
49       group  of  the  file  to  any group of which that owner is a member.  A
50       privileged process (Linux: with CAP_CHOWN) may change the  group  arbi‐
51       trarily.
52
53       If the owner or group is specified as -1, then that ID is not changed.
54
55       When the owner or group of an executable file is changed by an unprivi‐
56       leged user, the S_ISUID and S_ISGID mode bits are cleared.  POSIX  does
57       not specify whether this also should happen when root does the chown();
58       the Linux behavior depends on  the  kernel  version,  and  since  Linux
59       2.2.13,  root is treated like other users.  In case of a non-group-exe‐
60       cutable file (i.e., one for which the S_IXGRP bit is not set) the S_IS‐
61       GID bit indicates mandatory locking, and is not cleared by a chown().
62
63       When the owner or group of an executable file is changed (by any user),
64       all capability sets for the file are cleared.
65
66   fchownat()
67       The fchownat() system call operates in exactly the same way as chown(),
68       except for the differences described here.
69
70       If  the  pathname given in pathname is relative, then it is interpreted
71       relative to the directory referred to  by  the  file  descriptor  dirfd
72       (rather  than  relative to the current working directory of the calling
73       process, as is done by chown() for a relative pathname).
74
75       If pathname is relative and dirfd is the special value  AT_FDCWD,  then
76       pathname  is  interpreted  relative to the current working directory of
77       the calling process (like chown()).
78
79       If pathname is absolute, then dirfd is ignored.
80
81       The flags argument is a bit mask created by ORing together 0 or more of
82       the following values;
83
84       AT_EMPTY_PATH (since Linux 2.6.39)
85              If  pathname is an empty string, operate on the file referred to
86              by dirfd (which may have been obtained using the open(2)  O_PATH
87              flag).   In  this case, dirfd can refer to any type of file, not
88              just a directory.  If dirfd is AT_FDCWD, the  call  operates  on
89              the current working directory.  This flag is Linux-specific; de‐
90              fine _GNU_SOURCE to obtain its definition.
91
92       AT_SYMLINK_NOFOLLOW
93              If pathname is a symbolic link, do not dereference  it:  instead
94              operate  on the link itself, like lchown().  (By default, fchow‐
95              nat() dereferences symbolic links, like chown().)
96
97       See openat(2) for an explanation of the need for fchownat().
98

RETURN VALUE

100       On success, zero is returned.  On error, -1 is returned, and  errno  is
101       set to indicate the error.
102

ERRORS

104       Depending  on  the filesystem, errors other than those listed below can
105       be returned.
106
107       The more general errors for chown() are listed below.
108
109       EACCES Search permission is denied on a component of the  path  prefix.
110              (See also path_resolution(7).)
111
112       EBADF  (fchown()) fd is not a valid open file descriptor.
113
114       EBADF  (fchownat())  pathname is relative but dirfd is neither AT_FDCWD
115              nor a valid file descriptor.
116
117       EFAULT pathname points outside your accessible address space.
118
119       EINVAL (fchownat()) Invalid flag specified in flags.
120
121       EIO    (fchown()) A low-level I/O error occurred  while  modifying  the
122              inode.
123
124       ELOOP  Too many symbolic links were encountered in resolving pathname.
125
126       ENAMETOOLONG
127              pathname is too long.
128
129       ENOENT The file does not exist.
130
131       ENOMEM Insufficient kernel memory was available.
132
133       ENOTDIR
134              A component of the path prefix is not a directory.
135
136       ENOTDIR
137              (fchownat()) pathname is relative and dirfd is a file descriptor
138              referring to a file other than a directory.
139
140       EPERM  The calling process did not have the required  permissions  (see
141              above) to change owner and/or group.
142
143       EPERM  The   file   is   marked   immutable   or   append-only.    (See
144              ioctl_iflags(2).)
145
146       EROFS  The named file resides on a read-only filesystem.
147

VERSIONS

149       fchownat() was added to Linux in kernel  2.6.16;  library  support  was
150       added to glibc in version 2.4.
151

CONFORMING TO

153       chown(), fchown(), lchown(): 4.4BSD, SVr4, POSIX.1-2001, POSIX.1-2008.
154
155       The 4.4BSD version can be used only by the superuser (that is, ordinary
156       users cannot give away files).
157
158       fchownat(): POSIX.1-2008.
159

NOTES

161   Ownership of new files
162       When a new file is created (by, for example, open(2) or mkdir(2)),  its
163       owner  is  made  the  same  as  the  filesystem user ID of the creating
164       process.  The group of the file depends on a range of factors,  includ‐
165       ing  the  type of filesystem, the options used to mount the filesystem,
166       and whether or not the set-group-ID mode bit is enabled on  the  parent
167       directory.   If  the filesystem supports the -o grpid (or, synonymously
168       -o bsdgroups) and -o nogrpid (or, synonymously -o sysvgroups)  mount(8)
169       options, then the rules are as follows:
170
171       * If  the  filesystem is mounted with -o grpid, then the group of a new
172         file is made the same as that of the parent directory.
173
174       * If the filesystem is mounted with -o nogrpid and the set-group-ID bit
175         is  disabled on the parent directory, then the group of a new file is
176         made the same as the process's filesystem GID.
177
178       * If the filesystem is mounted with -o nogrpid and the set-group-ID bit
179         is  enabled  on the parent directory, then the group of a new file is
180         made the same as that of the parent directory.
181
182       As at Linux 4.12, the -o grpid and -o nogrpid mount  options  are  sup‐
183       ported  by  ext2,  ext3, ext4, and XFS.  Filesystems that don't support
184       these mount options follow the -o nogrpid rules.
185
186   Glibc notes
187       On older kernels where fchownat() is  unavailable,  the  glibc  wrapper
188       function  falls back to the use of chown() and lchown().  When pathname
189       is a relative pathname, glibc constructs a pathname based on  the  sym‐
190       bolic link in /proc/self/fd that corresponds to the dirfd argument.
191
192   NFS
193       The  chown()  semantics  are  deliberately  violated on NFS filesystems
194       which have UID mapping enabled.  Additionally,  the  semantics  of  all
195       system  calls  which  access  the  file  contents are violated, because
196       chown() may cause immediate access revocation on  already  open  files.
197       Client  side  caching may lead to a delay between the time where owner‐
198       ship have been changed to allow access for a user and  the  time  where
199       the file can actually be accessed by the user on other clients.
200
201   Historical details
202       The  original  Linux  chown(), fchown(), and lchown() system calls sup‐
203       ported only 16-bit user and group IDs.  Subsequently, Linux  2.4  added
204       chown32(),  fchown32(),  and  lchown32(),  supporting  32-bit IDs.  The
205       glibc chown(), fchown(), and lchown() wrapper  functions  transparently
206       deal with the variations across kernel versions.
207
208       In  versions  of  Linux  prior  to  2.1.81  (and distinct from 2.1.46),
209       chown() did not follow symbolic links.   Since  Linux  2.1.81,  chown()
210       does  follow  symbolic  links,  and there is a new system call lchown()
211       that does not follow symbolic links.  Since Linux 2.1.86, this new call
212       (that  has  the  same  semantics  as  the old chown()) has got the same
213       syscall number, and chown() got the newly introduced number.
214

EXAMPLES

216       The following program changes the ownership of the file  named  in  its
217       second  command-line  argument to the value specified in its first com‐
218       mand-line argument.  The new owner can be specified either as a numeric
219       user  ID,  or  as  a username (which is converted to a user ID by using
220       getpwnam(3) to perform a lookup in the system password file).
221
222   Program source
223       #include <pwd.h>
224       #include <stdio.h>
225       #include <stdlib.h>
226       #include <unistd.h>
227
228       int
229       main(int argc, char *argv[])
230       {
231           uid_t uid;
232           struct passwd *pwd;
233           char *endptr;
234
235           if (argc != 3 || argv[1][0] == '\0') {
236               fprintf(stderr, "%s <owner> <file>\n", argv[0]);
237               exit(EXIT_FAILURE);
238           }
239
240           uid = strtol(argv[1], &endptr, 10);  /* Allow a numeric string */
241
242           if (*endptr != '\0') {         /* Was not pure numeric string */
243               pwd = getpwnam(argv[1]);   /* Try getting UID for username */
244               if (pwd == NULL) {
245                   perror("getpwnam");
246                   exit(EXIT_FAILURE);
247               }
248
249               uid = pwd->pw_uid;
250           }
251
252           if (chown(argv[2], uid, -1) == -1) {
253               perror("chown");
254               exit(EXIT_FAILURE);
255           }
256
257           exit(EXIT_SUCCESS);
258       }
259

SEE ALSO

261       chgrp(1), chown(1), chmod(2), flock(2), path_resolution(7), symlink(7)
262

COLOPHON

264       This page is part of release 5.13 of the Linux  man-pages  project.   A
265       description  of  the project, information about reporting bugs, and the
266       latest    version    of    this    page,    can     be     found     at
267       https://www.kernel.org/doc/man-pages/.
268
269
270
271Linux                             2021-08-27                          CHOWN(2)
Impressum