bin/chmod/chmod.1

.\"	$NetBSD: chmod.1,v 1.29 2023/05/05 04:14:02 kre Exp $
.\"
.\" Copyright (c) 1989, 1990, 1993, 1994
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" This code is derived from software contributed to Berkeley by
.\" the Institute of Electrical and Electronics Engineers, Inc.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"	@(#)chmod.1	8.4 (Berkeley) 3/31/94
.\"
.Dd August 11, 2016
.Dt CHMOD 1
.Os
.Sh NAME
.Nm chmod
.Nd change file modes
.Sh SYNOPSIS
.Nm
.Oo
.Fl R
.Op Fl H | Fl L | Fl P
.Oc
.Op Fl dfh
.Ar mode
.Ar
.Nm
.Oo
.Fl R
.Op Fl H | Fl L | Fl P
.Oc
.Op Fl dfh
.Fl Fl reference=rfile
.Ar
.Sh DESCRIPTION
The
.Nm
utility modifies the file mode bits of the listed files
as specified by the
.Ar mode
operand, or
copied from a reference
.Ar rfile ,
as specified with the
.Fl Fl reference
argument.
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl H
If the
.Fl R
option is specified, symbolic links on the command line are followed.
(Symbolic links encountered in the tree traversal are not followed.)
.It Fl L
If the
.Fl R
option is specified, all symbolic links are followed.
.It Fl P
If the
.Fl R
option is specified, no symbolic links are followed.
.It Fl R
Change the modes of the file hierarchies rooted in the
.Ar file Ns s
instead of just the files themselves.
.It Fl d
Do not attempt to change the mode of a
.Ar file
if its mode is already as requested.
.It Fl f
Do not display a diagnostic message or modify the exit status if
.Nm
fails to change the mode of a
.Ar file .
.It Fl h
If
.Ar file
is symbolic link, the mode of the link is changed.
.El
.Pp
The
.Fl H ,
.Fl L
and
.Fl P
options are ignored unless the
.Fl R
option is specified.
In addition, these options override each other and the
command's actions are determined by the last one specified.
The default is as if the
.Fl P
option had been specified.
.Pp
Only the owner of a file or the super-user is permitted to change
the mode of a file.
.Sh EXIT STATUS
.Ex -std chmod
.Sh MODES
Modes may be absolute or symbolic.
An absolute mode is an octal number constructed by
.Em or Ap ing
the following values:
.Pp
.Bl -tag -width 6n -compact -offset indent
.It Li 4000
set-user-ID-on-execution
.It Li 2000
set-group-ID-on-execution
.It Li 1000
sticky bit, see
.Xr chmod 2
.It Li 0400
read by owner
.It Li 0200
write by owner
.It Li 0100
execute (or search for directories) by owner
.It Li 0070
read, write, execute/search by group
.It Li 0007
read, write, execute/search by others
.El
.Pp
The read, write, and execute/search values for group and others
are encoded as described for owner.
.Pp
The symbolic mode is described by the following grammar:
.Bd -literal -offset indent
mode         ::= clause [, clause ...]
clause       ::= [who ...] [action ...] last_action
action       ::= op [perm ...]
last_action  ::= op [perm ...]
who          ::= a | u | g | o
op           ::= + | \- | =
perm         ::= r | s | t | w | x | X | u | g | o
.Ed
.Pp
The
.Ar who
symbols ``u'', ``g'', and ``o'' specify the user, group, and other parts
of the mode bits, respectively.
The
.Ar who
symbol ``a'' is equivalent to ``ugo''.
.Pp
The
.Ar perm
symbols represent the portions of the mode bits as follows:
.Pp
.Bl -tag -width Ds -compact -offset indent
.It r
The read bits.
.It s
The set-user-ID-on-execution and set-group-ID-on-execution bits.
.It t
The sticky bit.
.It w
The write bits.
.It x
The execute/search bits.
.It X
The execute/search bits if the file is a directory or any of the
execute/search bits are set in the original (unmodified) mode.
Operations with the
.Ar perm
symbol ``X'' are only meaningful in conjunction with the
.Ar op
symbol ``+'', and are ignored in all other cases.
.It u
The user permission bits in the mode of the original file.
.It g
The group permission bits in the mode of the original file.
.It o
The other permission bits in the mode of the original file.
.El
.Pp
The
.Ar op
symbols represent the operation performed, as follows:
.Bl -tag -width 4n
.It +
If no value is supplied for
.Ar perm ,
the ``+'' operation has no effect.
If no value is supplied for
.Ar who ,
each permission bit specified in
.Ar perm ,
for which the corresponding bit in the file mode creation mask
is clear, is set.
Otherwise, the mode bits represented by the specified
.Ar who
and
.Ar perm
values are set.
.It \&\-
If no value is supplied for
.Ar perm ,
the ``\-'' operation has no effect.
If no value is supplied for
.Ar who ,
each permission bit specified in
.Ar perm ,
for which the corresponding bit in the file mode creation mask
is clear, is cleared.
Otherwise, the mode bits represented by the specified
.Ar who
and
.Ar perm
values are cleared.
.It =
The mode bits specified by the
.Ar who
value are cleared, or, if no who value is specified, the owner, group
and other mode bits are cleared.
Then, if no value is supplied for
.Ar who ,
each permission bit specified in
.Ar perm ,
for which the corresponding bit in the file mode creation mask
is clear, is set.
Otherwise, the mode bits represented by the specified
.Ar who
and
.Ar perm
values are set.
.El
.Pp
Each
.Ar clause
specifies one or more operations to be performed on the mode
bits, and each operation is applied to the mode bits in the
order specified.
.Pp
Operations upon the other permissions only (specified by the symbol
``o'' by itself), in combination with the
.Ar perm
symbols ``s'' or ``t'', are ignored.
.Sh EXAMPLES
.Bl -tag -width "u=rwx,go=u-w" -compact
.It Li 644
make a file readable by anyone and writable by the owner only.
.Pp
.It Li go-w
deny write permission to group and others.
.Pp
.It Li =rw,+X
set the read and write permissions to the usual defaults, but
retain any execute permissions that are currently set.
.Pp
.It Li +X
make a directory or file searchable/executable by everyone if it is
already searchable/executable by anyone.
.Pp
.It Li 755
.It Li u=rwx,go=rx
.It Li u=rwx,go=u-w
make a file readable/executable by everyone and writable by the owner only.
.Pp
.It Li go=
clear all mode bits for group and others.
.Pp
.It Li g=u-w
set the group bits equal to the user bits, but clear the group write bit.
.El
.Sh SEE ALSO
.Xr chflags 1 ,
.Xr install 1 ,
.Xr chmod 2 ,
.Xr stat 2 ,
.Xr umask 2 ,
.Xr fts 3 ,
.Xr setmode 3 ,
.Xr symlink 7 ,
.Xr chown 8
.Sh STANDARDS
The
.Nm
utility is expected to be
.St -p1003.2-92
compatible with the exception of the
.Ar perm
symbol
.Dq t
which is not included in that standard.
.Sh HISTORY
A
.Nm
utility appeared in
.At v1 .
.Sh BUGS
There's no
.Ar perm
option for the naughty bits.