chmod(2)chmod(2)NAME
chmod, fchmod - change mode of file
SYNOPSIS
#include <sys/types.h>
#include <sys/stat.h>
int chmod(const char *path, mode_t mode);
int fchmod(int fildes, mode_t mode);
DESCRIPTION
chmod and fchmod set the access permission portion of the mode of the
file whose name is given by path or referenced by the descriptor fildes
to the bit pattern contained in mode. If path or fildes are symbolic
links, the access permissions of the target of the symbolic links are
set. Access permission bits are interpreted as follows:
S_ISUID 04000 Set user ID on execution.
S_ISGID 020#0 Set group ID on execution if # is 7, 5, 3, or 1
Enable mandatory file/record locking if # is 6, 4, 2, or 0
S_ISVTX 01000 Save text image after execution (a.k.a. Sticky bit).
S_IRWXU 00700 Read, write, execute by owner.
S_IRUSR 00400 Read by owner.
S_IWUSR 00200 Write by owner.
S_IXUSR 00100 Execute (search if a directory) by owner.
S_IRWXG 00070 Read, write, execute by group.
S_IRGRP 00040 Read by group.
S_IWGRP 00020 Write by group.
S_IXGRP 00010 Execute by group.
S_IRWXO 00007 Read, write, execute (search) by others.
S_IROTH 00004 Read by others.
S_IWOTH 00002 Write by others
S_IXOTH 00001 Execute by others.
Modes are constructed by OR'ing the access permission bits.
The effective user ID of the process must match the owner of the file or
the process must be super-user to change the mode of a file.
If the effective user ID of the process is not super-user, the sticky bit
is cleared for any non-directory argument.
If the effective group ID of the process does not match the group ID of
the file, and the process is not super-user the mode bit 02000 (set group
ID on execution) is cleared.
If a directory is writable and the sticky bit, S_ISVTX, is set on the
directory, a process may remove or rename files within that directory
only if one or more of the following is true [see unlink(2) and
rename(2)]:
Page 1
chmod(2)chmod(2)
the effective user ID of the process is the same as that of the
owner ID of the file
the effective user ID of the process is the same as that of the
owner ID of the directory
the process is a super-user.
Note that the group id of the process and file are not taken into account
by the rules above. A process will only be able to remove a file in a
sticky directory based upon its effective user ID, not its group ID.
In releases of IRIX before 6.2, a process could also remove or rename
files within a directory with the sticky bit set if the process had write
permission for the file. This has been changed in accordance with the
X/Open XPG4.2 standard, but the old behavior can be enabled via the
xpg4_sticky_bit kernel tunable variable.
If the sticky bit, S_ISVTX, is set on a file that is a dynamic loader for
an ELF executable, then when the executable is execed the old process's
read only address spaces will be made available to the dynamic loader in
the new process. This can improve program start up time considerably.
The setting of the sticky bit on any other file has no effect.
If the mode bit 02000 (set group ID on execution) is set, the mode bit
00010 (execute or search by group) is not set, and the file is a regular
file, file and record locks will be mandatory. Future calls to open(2),
creat(2), read(2), and write(2) will carry implicit locks, and may fail
or block depending on the presence of other locks on the file. Mapped
file access is not affected by mandatory locks.
If the mode bit 02000 is set on a directory, then any files created in
that directory will take on the group ID of the directory rather than the
group ID of the calling process. mount(1M) may be used to enable this
feature regardless of the mode of the directory. [See fstab(4)].
Mandatory locking is not supported on NFS or CacheFS. Starting from Irix
6.5.28 NFS server would return EACCES if a process on a NFS client
attempts to access a file which has mandatory locking enabled.
Upon successful completion, chmod and fchmod mark for update the st_ctime
field of the file.
chmod will fail and the file mode will be unchanged if one or more of the
following are true:
EACCES Search permission is denied on a component of the path
prefix of path.
Page 2
chmod(2)chmod(2)
EACCES Write permission on the named file is denied.
EFAULT path points outside the allocated address space of the
process.
EINTR A signal was caught during execution of the system call.
EIO An I/O error occurred while reading from or writing to the
file system.
ELOOP Too many symbolic links were encountered in translating
path.
EMULTIHOP Components of path require hopping to multiple remote
machines and file system type does not allow it.
ENAMETOOLONG The length of the path argument exceeds {PATH_MAX}, or the
length of a path component exceeds {NAME_MAX} while
_POSIX_NO_TRUNC is in effect.
ENOTDIR A component of the prefix of path is not a directory.
ENOENT Either a component of the path prefix, or the file
referred to by path does not exist or is a null pathname.
ENOLINK path points to a remote machine and the link to that
machine is no longer active.
ETIMEDOUT The named file is located on a remote file system which is
not available [see intro(2)].
EPERM The effective user ID does not match the owner of the file
and the process is not super-user.
EROFS The file referred to by path resides on a read-only file
system.
fchmod will fail and the file mode will be unchanged if:
EBADF fildes is not an open file descriptor
EIO An I/O error occurred while reading from or writing to the
file system.
EINTR A signal was caught during execution of the fchmod system
call.
ENOLINK fildes refers to a remote machine and the link to that
machine is no longer active.
Page 3
chmod(2)chmod(2)
ETIMEDOUT fildes refers to a file on a remote file system which is
not available [see intro(2)].
EPERM The effective user ID does not match the owner of the file
and the process is not super-user.
EROFS The file referred to by fildes resides on a read-only file
system.
SEE ALSOchmod(1), access(2), chown(2), creat(2), exec(2), fcntl(2), mknod(2),
open(2), read(2), stat(2), write(2), mkfifo(3C), stat(5)DIAGNOSTICS
Upon successful completion, a value of 0 is returned. Otherwise, a value
of -1 is returned and errno is set to indicate the error.
BUGS
Due to the overloading of various permission bits, the silent turning off
of the set group ID on execution bit under the above mentioned
circumstances may in fact have disabled mandatory file/record locking
(for files) or group inheritance (for directories). The only way to
determine if chmod really worked in these cases is to stat(2) the file.
Page 4
