mirror of https://github.com/mkerrisk/man-pages
163 lines
5.8 KiB
Groff
163 lines
5.8 KiB
Groff
.\" Copyright Andries Brouwer, Ragnar Hojland Espinosa and A. Wik, 1998.
|
|
.\"
|
|
.\" This file may be copied under the conditions described
|
|
.\" in the LDP GENERAL PUBLIC LICENSE, Version 1, September 1998
|
|
.\" that should have been distributed together with this file.
|
|
.\"
|
|
.\" Modified 2004-06-17, Michael Kerrisk
|
|
.\"
|
|
.TH CHMOD 1 2004-06-17 "GNU fileutils 4.0"
|
|
.SH NAME
|
|
chmod \- change access permissions of files
|
|
.SH SYNOPSIS
|
|
.BI "chmod [" options "] " "mode file..."
|
|
.sp
|
|
POSIX options:
|
|
.B "[\-R] [\-\-]"
|
|
.sp
|
|
GNU mode denotation:
|
|
.BI [\-\-reference= rfile ]
|
|
.sp
|
|
GNU options (shortest form):
|
|
.B [\-cfvR]
|
|
.B "[\-\-help] [\-\-version] [\-\-]"
|
|
.SH DESCRIPTION
|
|
.B chmod
|
|
changes the permissions of each given
|
|
.I file
|
|
according to
|
|
.IR mode ,
|
|
which can be either a symbolic representation of changes to make, or
|
|
an octal number representing the bit pattern for the new permissions.
|
|
.PP
|
|
The format of a symbolic mode change argument is
|
|
.br
|
|
\&`[ugoa...][[+\-=][rwxXstugo...]...][,...]'.
|
|
.PP
|
|
Such an argument is a list of symbolic mode change commands,
|
|
separated by commas.
|
|
Each symbolic mode change command starts with zero or more
|
|
of the letters `ugoa'; these control which users' access to
|
|
the file will be changed: the user who owns it (u), other users in the
|
|
file's group (g), other users not in the file's group (o), or all
|
|
users (a). Thus, `a' is here equivalent to `ugo'.
|
|
If none of these are given, the effect is as if `a' were
|
|
given, but bits that are set in the umask are not affected.
|
|
.PP
|
|
The operator `+' causes the permissions selected to be added to the
|
|
existing permissions of each file; `\-' causes them to be removed;
|
|
and `=' causes them to be the only permissions that the file has.
|
|
.PP
|
|
The letters `rwxXstugo' select the new permissions for the affected
|
|
users: read (r), write (w), execute (or access for directories) (x),
|
|
execute only if the file is a directory or already has execute
|
|
permission for some user (X), set user or group ID on execution (s),
|
|
sticky bit (t), the permissions that the user
|
|
who owns the file currently has for it (u), the permissions that other
|
|
users in the file's group have for it (g), and the permissions that
|
|
other users not in the file's group have for it (o).
|
|
(Thus, `chmod g\-s file' removes the set-group-ID bit,
|
|
\&`chmod ug+s file' sets both the set-user-ID and set-group-ID bits, while
|
|
\&`chmod o+s file' does nothing.)
|
|
.PP
|
|
The name of the `sticky bit' derives from the original meaning:
|
|
keep program text on swap device.
|
|
These days, when set for a directory, it means that
|
|
only the owner of the file and the owner of that directory
|
|
may remove the file from that directory.
|
|
(This is commonly used on directories like /tmp that have
|
|
general write permission.)
|
|
.PP
|
|
A numeric mode is from one to four octal digits (0-7), derived by
|
|
adding up the bits with values 4, 2, and 1. Any omitted digits are
|
|
assumed to be leading zeros. The first digit selects the set-user-ID
|
|
(4) and set-group-ID (2) and save text image [`sticky'] (1) attributes.
|
|
The second digit selects permissions for the user who owns the file: read
|
|
(4), write (2), and execute (1); the third selects permissions for
|
|
other users in the file's group, with the same values; and the fourth
|
|
for other users not in the file's group, with the same values.
|
|
.PP
|
|
.B chmod
|
|
never changes the permissions of symbolic links, since the
|
|
.B chmod
|
|
system call cannot change their permissions. This is not a problem
|
|
since the permissions of symbolic links are never used. However, for
|
|
each symbolic link listed on the command line,
|
|
.B chmod
|
|
changes the permissions of the pointed-to file. In contrast,
|
|
.B chmod
|
|
ignores symbolic links encountered during recursive directory traversals.
|
|
.SH "POSIX OPTIONS"
|
|
.TP
|
|
.B "\-R"
|
|
Recursively change permissions of directories and their contents.
|
|
.TP
|
|
.B "\-\-"
|
|
Terminate option list.
|
|
.SH "ADDITIONAL GNU DESCRIPTION"
|
|
A GNU extension (new in fileutils 4.0) allows one to use
|
|
.BI "\-\-reference=" "rfile"
|
|
as a mode description: the same mode as that of
|
|
.IR rfile .
|
|
.SH "GNU OPTIONS"
|
|
.TP
|
|
.B "\-c, \-\-changes"
|
|
Verbosely describe the action for each
|
|
.I file
|
|
whose permissions actually changes.
|
|
.TP
|
|
.B "\-f, \-\-silent, \-\-quiet"
|
|
Do not print error messages about files whose permissions cannot be changed.
|
|
.TP
|
|
.B "\-v, \-\-verbose"
|
|
Verbosely describe the action or non-action taken for every
|
|
.IR file .
|
|
.TP
|
|
.B "\-R, \-\-recursive"
|
|
Recursively change permissions of directories and their contents.
|
|
.SH "GNU STANDARD OPTIONS"
|
|
.TP
|
|
.B "\-\-help"
|
|
Print a usage message on standard output and exit successfully.
|
|
.TP
|
|
.B "\-\-version"
|
|
Print version information on standard output, then exit successfully.
|
|
.TP
|
|
.B "\-\-"
|
|
Terminate option list.
|
|
.SH ENVIRONMENT
|
|
The variables LANG, LC_ALL, LC_CTYPE and LC_MESSAGES have the
|
|
usual meaning. For an XSI-conforming system: NLSPATH has the
|
|
usual meaning.
|
|
.SH "CONFORMING TO"
|
|
POSIX.2 only requires the \-R option. Use of other options
|
|
may not be portable. This standard does not describe the 't' permission
|
|
bit. This standard does not specify whether \fBchmod\fP must preserve
|
|
consistency by clearing or refusing to set the set-user-ID and set-group-ID
|
|
bits, e.g., when all execute bits are cleared, or whether \fBchmod\fP
|
|
honors the `s' bit at all.
|
|
.SH "NONSTANDARD MODES"
|
|
Above we described the use of the `t' bit on directories.
|
|
Various systems attach special meanings to otherwise
|
|
meaningless combinations of mode bits.
|
|
In particular, Linux, following System V (see
|
|
System V Interface Definition (SVID) Version 3),
|
|
uses the combination of having the set-group-ID bit enabled
|
|
while group execute bit is disabled to mean that
|
|
mandatory locking is enabled for the file.
|
|
For more details, see
|
|
the file
|
|
.IR /usr/src/linux/Documentation/mandatory.txt .
|
|
.SH NOTES
|
|
This page describes
|
|
.B chmod
|
|
as found in the fileutils-4.0 package;
|
|
other versions may differ slightly.
|
|
.SH "SEE ALSO"
|
|
.BR chattr (1),
|
|
.BR chown (1),
|
|
.BR install (1),
|
|
.BR chmod (2),
|
|
.BR stat (2),
|
|
.BR umask (2)
|