1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" @(#)chmod.2 8.1 (Berkeley) 6/4/93 33.\" $FreeBSD: src/lib/libc/sys/chmod.2,v 1.16.2.7 2001/12/14 18:34:00 ru Exp $ 34.\" 35.Dd June 4, 1993 36.Dt CHMOD 2 37.Os 38.Sh NAME 39.Nm chmod , 40.Nm fchmod , 41.Nm lchmod 42.Nd change mode of file 43.Sh LIBRARY 44.Lb libc 45.Sh SYNOPSIS 46.In sys/stat.h 47.Ft int 48.Fn chmod "const char *path" "mode_t mode" 49.Ft int 50.Fn fchmod "int fd" "mode_t mode" 51.Ft int 52.Fn lchmod "const char *path" "mode_t mode" 53.Sh DESCRIPTION 54The file permission bits of the file named specified by 55.Fa path 56or referenced by the file descriptor 57.Fa fd 58are changed to 59.Fa mode . 60The 61.Fn chmod 62function verifies that the process owner (user) either owns 63the file specified by 64.Fa path 65(or 66.Fa fd ) , 67or 68is the super-user. 69The 70.Fn chmod 71function follows symbolic links to operate on the target of the link 72rather than the link itself. 73.Pp 74The 75.Fa lchmod 76function is similar to 77.Fn chmod 78but does not follow symbolic links. 79.Pp 80A mode is created from 81.Em or'd 82permission bit masks 83defined in 84.Aq Pa sys/stat.h : 85.Pp 86.Bd -literal -offset indent -compact 87#define S_IRWXU 0000700 /* RWX mask for owner */ 88#define S_IRUSR 0000400 /* R for owner */ 89#define S_IWUSR 0000200 /* W for owner */ 90#define S_IXUSR 0000100 /* X for owner */ 91 92#define S_IRWXG 0000070 /* RWX mask for group */ 93#define S_IRGRP 0000040 /* R for group */ 94#define S_IWGRP 0000020 /* W for group */ 95#define S_IXGRP 0000010 /* X for group */ 96 97#define S_IRWXO 0000007 /* RWX mask for other */ 98#define S_IROTH 0000004 /* R for other */ 99#define S_IWOTH 0000002 /* W for other */ 100#define S_IXOTH 0000001 /* X for other */ 101 102#define S_ISUID 0004000 /* set user id on execution */ 103#define S_ISGID 0002000 /* set group id on execution */ 104#define S_ISVTX 0001000 /* sticky bit */ 105#ifndef _POSIX_SOURCE 106#define S_ISTXT 0001000 107#endif 108.Ed 109.Pp 110The 111.Fx 112VM system totally ignores the sticky bit 113.Pq Dv ISVTX 114for executables. 115On UFS-based filesystems (FFS, MFS, LFS) the sticky 116bit may only be set upon directories. 117.Pp 118If mode 119.Dv ISVTX 120(the `sticky bit') is set on a directory, 121an unprivileged user may not delete or rename 122files of other users in that directory. 123The sticky bit may be 124set by any user on a directory which the user owns or has appropriate 125permissions. 126For more details of the properties of the sticky bit, see 127.Xr sticky 8 . 128.Pp 129If mode ISUID (set UID) is set on a directory, 130and the MNT_SUIDDIR option was used in the mount of the filesystem, 131then the owner of any new files and sub-directories 132created within this directory are set 133to be the same as the owner of that directory. 134If this function is enabled, new directories will inherit 135the bit from their parents. Execute bits are removed from 136the file, and it will not be given to root. 137This behavior does not change the 138requirements for the user to be allowed to write the file, but only the eventual 139owner after it has been created. 140Group inheritance is not affected. 141.Pp 142This feature is designed for use on fileservers serving PC users via 143ftp, SAMBA, or netatalk. 144It provides security holes for shell users and as 145such should not be used on shell machines, especially on home directories. 146This option requires the SUIDDIR 147option in the kernel to work. 148Only UFS filesystems support this option. 149For more details of the suiddir mount option, see 150.Xr mount 8 . 151.Pp 152Writing or changing the owner of a file 153turns off the set-user-id and set-group-id bits 154unless the user is the super-user. 155This makes the system somewhat more secure 156by protecting set-user-id (set-group-id) files 157from remaining set-user-id (set-group-id) if they are modified, 158at the expense of a degree of compatibility. 159.Sh RETURN VALUES 160.Rv -std 161.Sh ERRORS 162.Fn Chmod 163will fail and the file mode will be unchanged if: 164.Bl -tag -width Er 165.It Bq Er ENOTDIR 166A component of the path prefix is not a directory. 167.It Bq Er ENAMETOOLONG 168A component of a pathname exceeded 255 characters, 169or an entire path name exceeded 1023 characters. 170.It Bq Er ENOENT 171The named file does not exist. 172.It Bq Er EACCES 173Search permission is denied for a component of the path prefix. 174.It Bq Er ELOOP 175Too many symbolic links were encountered in translating the pathname. 176.It Bq Er EPERM 177The effective user ID does not match the owner of the file and 178the effective user ID is not the super-user. 179.It Bq Er EROFS 180The named file resides on a read-only file system. 181.It Bq Er EFAULT 182.Fa Path 183points outside the process's allocated address space. 184.It Bq Er EIO 185An I/O error occurred while reading from or writing to the file system. 186.It Bq Er EFTYPE 187An attempt was made to set the sticky bit upon an executable. 188.El 189.Pp 190.Fn Fchmod 191will fail if: 192.Bl -tag -width Er 193.It Bq Er EBADF 194The descriptor is not valid. 195.It Bq Er EINVAL 196.Fa fd 197refers to a socket, not to a file. 198.It Bq Er EROFS 199The file resides on a read-only file system. 200.It Bq Er EIO 201An I/O error occurred while reading from or writing to the file system. 202.El 203.Sh SEE ALSO 204.Xr chmod 1 , 205.Xr chown 2 , 206.Xr open 2 , 207.Xr stat 2 , 208.Xr sticky 8 209.Sh STANDARDS 210The 211.Fn chmod 212function call is expected to conform to 213.St -p1003.1-90 , 214except for the return of 215.Er EFTYPE 216and the use of 217.Dv S_ISTXT . 218.Sh HISTORY 219A 220.Fn chmod 221function call appeared in 222.At v7 . 223The 224.Fn fchmod 225function call 226appeared in 227.Bx 4.2 . 228The 229.Fn lchmod 230function call appeared in 231.Fx 3.0 . 232