.\" Copyright (c) 1992 Drew Eckhardt (drew@cs.colorado.edu), March 28, 1992
|
|
.\" and Copyright (C) 2006, 2014 Michael Kerrisk
|
|
.\"
|
|
.\" %%%LICENSE_START(VERBATIM)
|
|
.\" Permission is granted to make and distribute verbatim copies of this
|
|
.\" manual provided the copyright notice and this permission notice are
|
|
.\" preserved on all copies.
|
|
.\"
|
|
.\" Permission is granted to copy and distribute modified versions of this
|
|
.\" manual under the conditions for verbatim copying, provided that the
|
|
.\" entire resulting derived work is distributed under the terms of a
|
|
.\" permission notice identical to this one.
|
|
.\"
|
|
.\" Since the Linux kernel and libraries are constantly changing, this
|
|
.\" manual page may be incorrect or out-of-date. The author(s) assume no
|
|
.\" responsibility for errors or omissions, or for damages resulting from
|
|
.\" the use of the information contained herein. The author(s) may not
|
|
.\" have taken the same level of care in the production of this manual,
|
|
.\" which is licensed free of charge, as they might when working
|
|
.\" professionally.
|
|
.\"
|
|
.\" Formatted or processed versions of this manual, if unaccompanied by
|
|
.\" the source, must acknowledge the copyright and authors of this work.
|
|
.\" %%%LICENSE_END
|
|
.\"
|
|
.\" Modified by Michael Haardt <michael@moria.de>
|
|
.\" Modified 1993-07-21 by Rik Faith <faith@cs.unc.edu>
|
|
.\" Modified 1997-01-12 by Michael Haardt
|
|
.\" <michael@cantor.informatik.rwth-aachen.de>: NFS details
|
|
.\" Modified 2004-06-23 by Michael Kerrisk <mtk.manpages@gmail.com>
|
|
.\"
|
|
.TH CHMOD 2 2016-03-15 "Linux" "Linux Programmer's Manual"
|
|
.SH NAME
|
|
chmod, fchmod, fchmodat \- change permissions of a file
|
|
.SH SYNOPSIS
|
|
.nf
|
|
.B #include <sys/stat.h>
|
|
.sp
|
|
.BI "int chmod(const char *" pathname ", mode_t " mode );
|
|
.br
|
|
.BI "int fchmod(int " fd ", mode_t " mode );
|
|
.sp
|
|
.BR "#include <fcntl.h>" " /* Definition of AT_* constants */"
|
|
.B #include <sys/stat.h>
|
|
.sp
|
|
.BI "int fchmodat(int " dirfd ", const char *" pathname ", mode_t " \
|
|
mode ", int " flags );
|
|
.fi
|
|
.sp
|
|
.in -4n
|
|
Feature Test Macro Requirements for glibc (see
|
|
.BR feature_test_macros (7)):
|
|
.in
|
|
.sp
|
|
.ad l
|
|
.PD 0
|
|
.BR fchmod ():
|
|
.RS 4
|
|
/* Since glibc 2.16: */ _POSIX_C_SOURCE
|
|
|| /* Glibc versions <= 2.19: */ _BSD_SOURCE
|
|
|| /* Glibc versions <= 2.15: */ _XOPEN_SOURCE\ >=\ 500
|
|
.\" || _XOPEN_SOURCE\ &&\ _XOPEN_SOURCE_EXTENDED
|
|
|| /* Glibc 2.12 to 2.15: */ _POSIX_C_SOURCE\ >=\ 200809L
|
|
.RE
|
|
.PD
|
|
.sp
|
|
.BR fchmodat ():
|
|
.PD 0
|
|
.ad l
|
|
.RS 4
|
|
.TP 4
|
|
Since glibc 2.10:
|
|
_POSIX_C_SOURCE\ >=\ 200809L
|
|
.TP
|
|
Before glibc 2.10:
|
|
_ATFILE_SOURCE
|
|
.RE
|
|
.ad
|
|
.PD
|
|
.ad
|
|
.SH DESCRIPTION
|
|
The
|
|
.BR chmod ()
|
|
and
|
|
.BR fchmod ()
|
|
system calls change a file's mode bits.
|
|
(The file mode consists of the file permission bits plus the set-user-ID,
|
|
set-group-ID, and sticky bits.)
|
|
These system calls differ only in how the file is specified:
|
|
.IP * 2
|
|
.BR chmod ()
|
|
changes the mode of the file whose pathname is given in
|
|
.IR pathname ,
|
|
which is dereferenced if it is a symbolic link.
|
|
.IP *
|
|
.BR fchmod ()
|
|
changes the mode of the file referred to by the open file descriptor
|
|
.IR fd .
|
|
.PP
|
|
The new file mode is specified in
|
|
.IR mode ,
|
|
which is a bit mask created by ORing together zero or
|
|
more of the following:
|
|
.TP 18
|
|
.BR S_ISUID " (04000)"
|
|
set-user-ID (set process effective user ID on
|
|
.BR execve (2))
|
|
.TP
|
|
.BR S_ISGID " (02000)"
|
|
set-group-ID (set process effective group ID on
|
|
.BR execve (2);
|
|
mandatory locking, as described in
|
|
.BR fcntl (2);
|
|
take a new file's group from parent directory, as described in
|
|
.BR chown (2)
|
|
and
|
|
.BR mkdir (2))
|
|
.TP
|
|
.BR S_ISVTX " (01000)"
|
|
sticky bit (restricted deletion flag, as described in
|
|
.BR unlink (2))
|
|
.TP
|
|
.BR S_IRUSR " (00400)"
|
|
read by owner
|
|
.TP
|
|
.BR S_IWUSR " (00200)"
|
|
write by owner
|
|
.TP
|
|
.BR S_IXUSR " (00100)"
|
|
execute/search by owner ("search" applies for directories,
|
|
and means that entries within the directory can be accessed)
|
|
.TP
|
|
.BR S_IRGRP " (00040)"
|
|
read by group
|
|
.TP
|
|
.BR S_IWGRP " (00020)"
|
|
write by group
|
|
.TP
|
|
.BR S_IXGRP " (00010)"
|
|
execute/search by group
|
|
.TP
|
|
.BR S_IROTH " (00004)"
|
|
read by others
|
|
.TP
|
|
.BR S_IWOTH " (00002)"
|
|
write by others
|
|
.TP
|
|
.BR S_IXOTH " (00001)"
|
|
execute/search by others
|
|
.PP
|
|
The effective UID of the calling process must match the owner of the file,
|
|
or the process must be privileged (Linux: it must have the
|
|
.B CAP_FOWNER
|
|
capability).
|
|
|
|
If the calling process is not privileged (Linux: does not have the
|
|
.B CAP_FSETID
|
|
capability), and the group of the file does not match
|
|
the effective group ID of the process or one of its
|
|
supplementary group IDs, the
|
|
.B S_ISGID
|
|
bit will be turned off,
|
|
but this will not cause an error to be returned.
|
|
|
|
As a security measure, depending on the filesystem,
|
|
the set-user-ID and set-group-ID execution bits
|
|
may be turned off if a file is written.
|
|
(On Linux this occurs if the writing process does not have the
|
|
.B CAP_FSETID
|
|
capability.)
|
|
On some filesystems, only the superuser can set the sticky bit,
|
|
which may have a special meaning.
|
|
For the sticky bit, and for set-user-ID and set-group-ID bits on
|
|
directories, see
|
|
.BR stat (2).
|
|
|
|
On NFS filesystems, restricting the permissions will immediately influence
|
|
already open files, because the access control is done on the server, but
|
|
open files are maintained by the client.
|
|
Widening the permissions may be
|
|
delayed for other clients if attribute caching is enabled on them.
|
|
.\"
|
|
.\"
|
|
.SS fchmodat()
|
|
The
|
|
.BR fchmodat ()
|
|
system call operates in exactly the same way as
|
|
.BR chmod (),
|
|
except for the differences described here.
|
|
|
|
If the pathname given in
|
|
.I pathname
|
|
is relative, then it is interpreted relative to the directory
|
|
referred to by the file descriptor
|
|
.I dirfd
|
|
(rather than relative to the current working directory of
|
|
the calling process, as is done by
|
|
.BR chmod ()
|
|
for a relative pathname).
|
|
|
|
If
|
|
.I pathname
|
|
is relative and
|
|
.I dirfd
|
|
is the special value
|
|
.BR AT_FDCWD ,
|
|
then
|
|
.I pathname
|
|
is interpreted relative to the current working
|
|
directory of the calling process (like
|
|
.BR chmod ()).
|
|
|
|
If
|
|
.I pathname
|
|
is absolute, then
|
|
.I dirfd
|
|
is ignored.
|
|
|
|
.I flags
|
|
can either be 0, or include the following flag:
|
|
.TP
|
|
.B AT_SYMLINK_NOFOLLOW
|
|
If
|
|
.I pathname
|
|
is a symbolic link, do not dereference it:
|
|
instead operate on the link itself.
|
|
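This flag is not currently implemented; a call that specifies it fails with the ENOTSUP error listed under ERRORS, so it cannot be relied on to avoid following a symbolic link.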
|
|
.PP
|
|
See
|
|
.BR openat (2)
|
|
for an explanation of the need for
|
|
.BR fchmodat ().
|
|
.SH RETURN VALUE
|
|
On success, zero is returned.
|
|
On error, \-1 is returned, and
|
|
.I errno
|
|
is set appropriately.
|
|
.SH ERRORS
|
|
Depending on the filesystem,
|
|
errors other than those listed below can be returned.
|
|
|
|
The more general errors for
|
|
.BR chmod ()
|
|
are listed below:
|
|
.TP
|
|
.B EACCES
|
|
Search permission is denied on a component of the path prefix.
|
|
(See also
|
|
.BR path_resolution (7).)
|
|
.TP
|
|
.B EFAULT
|
|
.I pathname
|
|
points outside your accessible address space.
|
|
.TP
|
|
.B EIO
|
|
An I/O error occurred.
|
|
.TP
|
|
.B ELOOP
|
|
Too many symbolic links were encountered in resolving
|
|
.IR pathname .
|
|
.TP
|
|
.B ENAMETOOLONG
|
|
.I pathname
|
|
is too long.
|
|
.TP
|
|
.B ENOENT
|
|
The file does not exist.
|
|
.TP
|
|
.B ENOMEM
|
|
Insufficient kernel memory was available.
|
|
.TP
|
|
.B ENOTDIR
|
|
A component of the path prefix is not a directory.
|
|
.TP
|
|
.B EPERM
|
|
The effective UID does not match the owner of the file,
|
|
and the process is not privileged (Linux: it does not have the
|
|
.B CAP_FOWNER
|
|
capability).
|
|
.TP
|
|
.B EROFS
|
|
The named file resides on a read-only filesystem.
|
|
.PP
|
|
The general errors for
|
|
.BR fchmod ()
|
|
are listed below:
|
|
.TP
|
|
.B EBADF
|
|
The file descriptor
|
|
.I fd
|
|
is not valid.
|
|
.TP
|
|
.B EIO
|
|
See above.
|
|
.TP
|
|
.B EPERM
|
|
See above.
|
|
.TP
|
|
.B EROFS
|
|
See above.
|
|
.PP
|
|
The same errors that occur for
|
|
.BR chmod ()
|
|
can also occur for
|
|
.BR fchmodat ().
|
|
The following additional errors can occur for
|
|
.BR fchmodat ():
|
|
.TP
|
|
.B EBADF
|
|
.I dirfd
|
|
is not a valid file descriptor.
|
|
.TP
|
|
.B EINVAL
|
|
Invalid flag specified in
|
|
.IR flags .
|
|
.TP
|
|
.B ENOTDIR
|
|
.I pathname
|
|
is relative and
|
|
.I dirfd
|
|
is a file descriptor referring to a file other than a directory.
|
|
.TP
|
|
.B ENOTSUP
|
|
.I flags
|
|
specified
|
|
.BR AT_SYMLINK_NOFOLLOW ,
|
|
which is not supported.
|
|
.SH VERSIONS
|
|
.BR fchmodat ()
|
|
was added to Linux in kernel 2.6.16;
|
|
library support was added to glibc in version 2.4.
|
|
.SH CONFORMING TO
|
|
.BR chmod (),
|
|
.BR fchmod ():
|
|
4.4BSD, SVr4, POSIX.1-2001, POSIX.1-2008.
|
|
|
|
.BR fchmodat ():
|
|
POSIX.1-2008.
|
|
.SH NOTES
|
|
.SS C library/kernel differences
|
|
The GNU C library
|
|
.BR fchmodat ()
|
|
wrapper function implements the POSIX-specified
|
|
interface described in this page.
|
|
This interface differs from the underlying Linux system call, which does
|
|
.I not
|
|
have a
|
|
.I flags
|
|
argument.
|
|
.SS Glibc notes
|
|
On older kernels where
|
|
.BR fchmodat ()
|
|
is unavailable, the glibc wrapper function falls back to the use of
|
|
.BR chmod ().
|
|
When
|
|
.I pathname
|
|
is a relative pathname,
|
|
glibc constructs a pathname based on the symbolic link in
|
|
.IR /proc/self/fd
|
|
that corresponds to the
|
|
.IR dirfd
|
|
argument.
|
|
.SH SEE ALSO
|
|
.BR chown (2),
|
|
.BR execve (2),
|
|
.BR open (2),
|
|
.BR stat (2),
|
|
.BR path_resolution (7),
|
|
.BR symlink (7)
|