---

Manual Reference Pages  - CHMOD (1)

---

chmod - change access permissions of files

CONTENTS

Synopsis
Description
Environment
Notes

chmod [options] mode file...

POSIX options: [-R] [--]

GNU mode denotation: [--reference=rfile]

GNU options (shortest form): [-cfvR] [--help] [--version] [--]

chmod changes the permissions of each given file according to mode, which can be either a symbolic representation of changes to make, or an octal number representing the bit pattern for the new permissions.

The format of a symbolic mode change argument is
‘[ugoa...][[+-=][rwxXstugo...]...][,...]’.

Such an argument is a list of symbolic mode change commands, separated by commas. Each symbolic mode change command starts with zero or more of the letters ‘ugoa’; these control which users’ access to the file will be changed: the user who owns it (u), other users in the file’s group (g), other users not in the file’s group (o), or all users (a). Thus, ‘a’ is here equivalent to ‘ugo’. If none of these are given, the effect is as if ‘a’ were given, but bits that are set in the umask are not affected.

The operator ‘+’ causes the permissions selected to be added to the existing permissions of each file; ‘-’ causes them to be removed; and ‘=’ causes them to be the only permissions that the file has.

The letters ‘rwxXstugo’ select the new permissions for the affected users: read (r), write (w), execute (or access for directories) (x), execute only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), sticky bit (t), the permissions that the user who owns the file currently has for it (u), the permissions that other users in the file’s group have for it (g), and the permissions that other users not in the file’s group have for it (o). (Thus, ‘chmod g-s file’ removes the set-group-ID bit, ‘chmod ug+s file’ sets both the set-user-ID and set-group-ID bits, while ‘chmod o+s file’ does nothing.)

The name of the ‘sticky bit’ derives from the original meaning: keep program text on swap device. These days, when set for a directory, it means that only the owner of the file and the owner of that directory may remove the file from that directory. (This is commonly used on directories like /tmp that have general write permission.)

A numeric mode is from one to four octal digits (0-7), derived by adding up the bits with values 4, 2, and 1. Any omitted digits are assumed to be leading zeros. The first digit selects the set-user-ID (4) and set-group-ID (2) and save text image [‘sticky’] (1) attributes. The second digit selects permissions for the user who owns the file: read (4), write (2), and execute (1); the third selects permissions for other users in the file’s group, with the same values; and the fourth for other users not in the file’s group, with the same values.

chmod never changes the permissions of symbolic links, since the chmod system call cannot change their permissions. This is not a problem since the permissions of symbolic links are never used. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals.

-R	Recursively change permissions of directories and their contents.
--	Terminate option list.

A GNU extension (new in fileutils 4.0) allows one to use --reference=rfile as a mode description: the same mode as that of rfile.

-c, --changes
	Verbosely describe the action for each file whose permissions actually changes.
-f, --silent, --quiet
	Do not print error messages about files whose permissions cannot be changed.
-v, --verbose
	Verbosely describe the action or non-action taken for every file.
-R, --recursive
	Recursively change permissions of directories and their contents.

--help	Print a usage message on standard output and exit successfully.
--version
	Print version information on standard output, then exit successfully.
--	Terminate option list.

The variables LANG, LC_ALL, LC_CTYPE and LC_MESSAGES have the usual meaning. For an XSI-conforming system: NLSPATH has the usual meaning.

POSIX.2 only requires the -R option. Use of other options may not be portable. This standard does not describe the ’t’ permission bit. This standard does not specify whether chmod must preserve consistency by clearing or refusing to set the set-user-ID and set-group-ID bits, e.g., when all execute bits are cleared, or whether chmod honors the ‘s’ bit at all.

Above we described the use of the ‘t’ bit on directories. Various systems attach special meanings to otherwise meaningless combinations of mode bits. In particular, Linux, following System V (see System V Interface Definition (SVID) Version 3), uses the combination of having the set-group-ID bit enabled while group execute bit is disabled to mean that mandatory locking is enabled for the file. For more details, see the file /usr/src/linux/Documentation/mandatory.txt.

This page describes chmod as found in the fileutils-4.0 package; other versions may differ slightly.

chattr(1), chown(1), install(1), chmod(2), stat(2), umask(2)