1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" @(#)chmod.2 8.1 (Berkeley) 6/4/93 33.\" $FreeBSD: src/lib/libc/sys/chmod.2,v 1.16.2.7 2001/12/14 18:34:00 ru Exp $ 34.\" $DragonFly: src/lib/libc/sys/chmod.2,v 1.4 2006/05/26 19:39:37 swildner Exp $ 35.\" 36.Dd June 4, 1993 37.Dt CHMOD 2 38.Os 39.Sh NAME 40.Nm chmod , 41.Nm fchmod , 42.Nm lchmod 43.Nd change mode of file 44.Sh LIBRARY 45.Lb libc 46.Sh SYNOPSIS 47.In sys/stat.h 48.Ft int 49.Fn chmod "const char *path" "mode_t mode" 50.Ft int 51.Fn fchmod "int fd" "mode_t mode" 52.Ft int 53.Fn lchmod "const char *path" "mode_t mode" 54.Sh DESCRIPTION 55The file permission bits of the file named specified by 56.Fa path 57or referenced by the file descriptor 58.Fa fd 59are changed to 60.Fa mode . 61The 62.Fn chmod 63function verifies that the process owner (user) either owns 64the file specified by 65.Fa path 66(or 67.Fa fd ) , 68or 69is the super-user. 70The 71.Fn chmod 72function follows symbolic links to operate on the target of the link 73rather than the link itself. 74.Pp 75The 76.Fa lchmod 77function is similar to 78.Fn chmod 79but does not follow symbolic links. 80.Pp 81A mode is created from 82.Em or'd 83permission bit masks 84defined in 85.In sys/stat.h : 86.Pp 87.Bd -literal -offset indent -compact 88#define S_IRWXU 0000700 /* RWX mask for owner */ 89#define S_IRUSR 0000400 /* R for owner */ 90#define S_IWUSR 0000200 /* W for owner */ 91#define S_IXUSR 0000100 /* X for owner */ 92 93#define S_IRWXG 0000070 /* RWX mask for group */ 94#define S_IRGRP 0000040 /* R for group */ 95#define S_IWGRP 0000020 /* W for group */ 96#define S_IXGRP 0000010 /* X for group */ 97 98#define S_IRWXO 0000007 /* RWX mask for other */ 99#define S_IROTH 0000004 /* R for other */ 100#define S_IWOTH 0000002 /* W for other */ 101#define S_IXOTH 0000001 /* X for other */ 102 103#define S_ISUID 0004000 /* set user id on execution */ 104#define S_ISGID 0002000 /* set group id on execution */ 105#define S_ISVTX 0001000 /* sticky bit */ 106#ifndef _POSIX_SOURCE 107#define S_ISTXT 0001000 108#endif 109.Ed 110.Pp 111The 112.Dx 113VM system totally ignores the sticky bit 114.Pq Dv ISVTX 115for executables. 116On UFS-based filesystems (FFS, MFS, LFS) the sticky 117bit may only be set upon directories. 118.Pp 119If mode 120.Dv ISVTX 121(the `sticky bit') is set on a directory, 122an unprivileged user may not delete or rename 123files of other users in that directory. 124The sticky bit may be 125set by any user on a directory which the user owns or has appropriate 126permissions. 127For more details of the properties of the sticky bit, see 128.Xr sticky 8 . 129.Pp 130If mode ISUID (set UID) is set on a directory, 131and the MNT_SUIDDIR option was used in the mount of the filesystem, 132then the owner of any new files and sub-directories 133created within this directory are set 134to be the same as the owner of that directory. 135If this function is enabled, new directories will inherit 136the bit from their parents. Execute bits are removed from 137the file, and it will not be given to root. 138This behavior does not change the 139requirements for the user to be allowed to write the file, but only the eventual 140owner after it has been created. 141Group inheritance is not affected. 142.Pp 143This feature is designed for use on fileservers serving PC users via 144ftp, SAMBA, or netatalk. 145It provides security holes for shell users and as 146such should not be used on shell machines, especially on home directories. 147This option requires the SUIDDIR 148option in the kernel to work. 149Only UFS filesystems support this option. 150For more details of the suiddir mount option, see 151.Xr mount 8 . 152.Pp 153Writing or changing the owner of a file 154turns off the set-user-id and set-group-id bits 155unless the user is the super-user. 156This makes the system somewhat more secure 157by protecting set-user-id (set-group-id) files 158from remaining set-user-id (set-group-id) if they are modified, 159at the expense of a degree of compatibility. 160.Sh RETURN VALUES 161.Rv -std 162.Sh ERRORS 163.Fn Chmod 164will fail and the file mode will be unchanged if: 165.Bl -tag -width Er 166.It Bq Er ENOTDIR 167A component of the path prefix is not a directory. 168.It Bq Er ENAMETOOLONG 169A component of a pathname exceeded 255 characters, 170or an entire path name exceeded 1023 characters. 171.It Bq Er ENOENT 172The named file does not exist. 173.It Bq Er EACCES 174Search permission is denied for a component of the path prefix. 175.It Bq Er ELOOP 176Too many symbolic links were encountered in translating the pathname. 177.It Bq Er EPERM 178The effective user ID does not match the owner of the file and 179the effective user ID is not the super-user. 180.It Bq Er EROFS 181The named file resides on a read-only file system. 182.It Bq Er EFAULT 183.Fa Path 184points outside the process's allocated address space. 185.It Bq Er EIO 186An I/O error occurred while reading from or writing to the file system. 187.It Bq Er EFTYPE 188An attempt was made to set the sticky bit upon an executable. 189.El 190.Pp 191.Fn Fchmod 192will fail if: 193.Bl -tag -width Er 194.It Bq Er EBADF 195The descriptor is not valid. 196.It Bq Er EINVAL 197.Fa fd 198refers to a socket, not to a file. 199.It Bq Er EROFS 200The file resides on a read-only file system. 201.It Bq Er EIO 202An I/O error occurred while reading from or writing to the file system. 203.El 204.Sh SEE ALSO 205.Xr chmod 1 , 206.Xr chown 2 , 207.Xr open 2 , 208.Xr stat 2 , 209.Xr sticky 8 210.Sh STANDARDS 211The 212.Fn chmod 213function call is expected to conform to 214.St -p1003.1-90 , 215except for the return of 216.Er EFTYPE 217and the use of 218.Dv S_ISTXT . 219.Sh HISTORY 220A 221.Fn chmod 222function call appeared in 223.At v7 . 224The 225.Fn fchmod 226function call 227appeared in 228.Bx 4.2 . 229The 230.Fn lchmod 231function call appeared in 232.Fx 3.0 . 233