chmod(1)

NAME

chmod — change file mode access permissions

SYNOPSIS

/usr/bin/chmod [-A] [-R] symbolic_mode_list file ...

Obsolescent form

/usr/bin/chmod [-A] [-R] numeric_mode file ...

DESCRIPTION

The chmod command changes the permissions of one or more files according to the value of symbolic_mode_list or numeric_mode. You can display the current permissions for a file with the ls -l command (see ls(1)).

Only the owner of a file, or a user with appropriate privileges, can change its mode.

Only a user having appropriate privileges can set (or retain, if previously set) the sticky bit of a regular file.

If the sticky bit is set on a directory, files inside the directory may be renamed or removed only by the owner of the file, the owner of the directory, or the superuser (even if the modes of the directory would otherwise allow such an operation).

In order to set the set-group-ID bit, the group of the file must correspond to your current group ID.

If chmod is used on a symbolic link, the mode of the file referred to by the link is changed.

Options

The chmod command recognizes the following options:

-A: Preserve any optional access control list (ACL) entries associated with the file (HFS file systems only). By default, in conformance with the IEEE Standard POSIX 1003.1-1988, optional HFS ACL entries are deleted. For JFS ACLs, this option has no effect, because optional JFS ACL entries are always preserved. For information about access control lists, see acl(5) and aclv(5).
-R: Recursively change the file mode bits. For each file operand that names a directory, chmod alters the file mode bits of the named directory and all files and subdirectories in the file hierarchy below it.

Operands

The chmod command recognizes the following operands:

file: Targe file for which the permissions are changes.
numeric-mode: Numeric value used to determine permission on a specified file. See the Numeric Mode section for more information.
symbolic-mode-list: List of operations used to determine permissions on a specified file. See the Symbolic Mode List section for more information.

Symbolic Mode List

A symbolic_mode_list is a comma-separated list of operations in the following form. Whitespace is not permitted.

[who]op[permission ][,...]

The variable fields can have the following values:

who

One or more of the following letters:

u: Modify permissions for user (owner).
g: Modify permissions for group.
o: Modify permissions for others.
a: Modify permissions for all users (a is equivalent to ugo).

op

Required; one of the following symbols:

+: Add permission to the existing file mode bits of who.
-: Delete permission from the existing file mode bits of who.
=: Replace the existing mode bits of who with permission.

permission

One or more of the following letters:

r

Add or delete the read permission for who.

w

Add or delete the write permission for who.

x

Add or delete the execute file (search directory) permission for who.

s

Add or delete the set-owner-ID-on-file-execution or set-group-ID-on-file-execution permission for who. Useful only if u or g is expressed or implied in who.

t

Add or delete the sticky bit permission. Useful only if u is expressed or implied in who. See chmod(2).

X

Conditionally add or delete the execute/search permission as follows:

If file is a directory, add or delete the search permission to the existing file mode for who. (Same as x.)
If file is not a directory, and the current file permissions include the execute permission (ls -l displays an x or an s) for at least one of user, group, or other, then add or delete the execute file permission for who.
If file is not a directory, and no execute permissions are set in the current file mode, then do not change any execute permission.

Or one only of the following letters:

u: Copy the current user permissions to who.
g: Copy the current group permissions to who.
o: Copy the current other permissions to who.

The operations are performed in the order specified, and can override preceding operations specified in the same command line.

If who is omitted, the r, w, x, and X permissions are changed for all users if the changes are permitted by the current file mode creation mask (see umask(1)). The s and t permissions are changed as if a was specified in who.

Omitting permission is useful only when used with = to delete all permissions.

Numeric Mode (Obsolescent)

Absolute permissions can be set by specifying a numeric_mode, an octal number constructed from the logical OR (sum) of the following mode bits:

Miscellaneous mode bits:

(= u=s)  Set user ID on file execution (file only)
(= g=s)  Set group ID on file execution (file only)
(= u=t)  Set sticky bit; see below and chmod(2)

Permission mode bits:

(= u=r)  Read by owner
(= u=w)  Write by owner
(= u=x)  Execute (search in directory) by owner
(= g=r)  Read by group
(= g=w)  Write by group
(= g=x)  Execute/search by group
(= o=r)  Read by others
(= o=w)  Write by others
(= o=x)  Execute/search by others

EXTERNAL INFLUENCES

Environment Variables

LC_MESSAGES determines the language in which messages are displayed.

If LC_MESSAGES is not specified or is null, it defaults to the value of LANG. If LANG is not specified or is null, it defaults to C (see lang(5)).

If any internationalization variable contains an invalid setting, all internationalization variables default to C. See environ(5).

International Code Set Support

Single- and multibyte character code sets are supported.

RETURN VALUE

Upon completion, chmod returns one of the following values:

0: Successful completion.
>0: An error condition occurred.

EXAMPLES

Deny write permission to others:

chmod o-w file

Make a file executable by everybody:

chmod a+x file

Assign read and execute permission to everybody, and set the set-user-ID bit:

chmod a=rx,u+s file

Assign read and write permission to the file owner, and read permission to everybody else:

chmod u=rw,go=r file

or the obsolescent form:

chmod 644 file

Traverse a directory subtree making all regular files readable by user and group only, and all executables and directories executable (searchable) by everyone:

chmod -R ug+r,o-r,a+X pathname

If the current value of umask is 020 (umask -S displays u=rwx,g=rx,o=rwx; do not change write permission for group) and the current permissions for file mytest are 444 (a=r), displayed by ls -l as -r--r--r--, then the command

chmod +w mytest 

sets the permissions to 646 (uo=rw,g=r), displayed by ls -l as -rw-r--rw-.

If the current value of umask is 020 (umask -S displays u=rwx,g=rx,o=rwx; do not change write permission for group) and the current permissions for file mytest are 666 (a=rw), displayed by ls -l as -rw-rw-rw-, then the command

chmod -w mytest 

sets the permissions to 464 (uo=r,g=rw), displayed by ls -l as -r--rw-r--.

DEPENDENCIES

The -A option causes chmod to fail on file systems that do not support ACLs.

AUTHOR

chmod was developed by AT&T and HP.

STANDARDS CONFORMANCE

chmod: SVID2, SVID3, XPG2, XPG3, XPG4, POSIX.2