chmod, fchmod — change permissions of a file
#include <sys/types.h> #include <sys/stat.h>
int
chmod( |
const char * | path, |
mode_t | mode) ; |
int
fchmod( |
int | fildes, |
mode_t | mode) ; |
The mode of the file given by path
or referenced by
fildes
is
changed.
Modes are specified by or'ing
the following:
S_ISUID
04000 set user ID on execution
S_ISGID
02000 set group ID on execution
S_ISVTX
01000 sticky bit
S_IRUSR
00400 read by owner
S_IWUSR
00200 write by owner
S_IXUSR
00100 execute/search by owner
S_IRGRP
00040 read by group
S_IWGRP
00020 write by group
S_IXGRP
00010 execute/search by group
S_IROTH
00004 read by others
S_IWOTH
00002 write by others
S_IXOTH
00001 execute/search by others
The effective UID of the calling process must match the
owner of the file, or the process must be privileged (Linux:
it must have the CAP_FOWNER
capability).
If the calling process is not privileged (Linux: does not
have the CAP_FSETID
capability), and the group of the file does not match the
effective group ID of the process or one of its supplementary
group IDs, the S_ISGID bit will be turned off, but this will
not cause an error to be returned.
As a security measure, depending on the file system, the
set-user-ID and set-group-ID execution bits may be turned off
if a file is written. (On Linux this occurs if the writing
process does not have the CAP_FSETID
capability.) On some file
systems, only the superuser can set the sticky bit, which may
have a special meaning. For the sticky bit, and for
set-user-ID and set-group-ID bits on directories, see
stat(2).
On NFS file systems, restricting the permissions will immediately influence already open files, because the access control is done on the server, but open files are maintained by the client. Widening the permissions may be delayed for other clients if attribute caching is enabled on them.
On success, zero is returned. On error, −1 is
returned, and errno
is set
appropriately.
Depending on the file system, other errors can be
returned. The more general errors for chmod
() are listed below:
Search permission is denied on a component of the path prefix. (See also path_resolution(2).)
path
points
outside your accessible address space.
An I/O error occurred.
Too many symbolic links were encountered in
resolving path
.
path
is too
long.
The file does not exist.
Insufficient kernel memory was available.
A component of the path prefix is not a directory.
The effective UID does not match the owner of the
file, and the process is not privileged (Linux: it does
not have the CAP_FOWNER
capability).
The named file resides on a read-only file system.
The general errors for fchmod
() are listed below:
The file descriptor fildes
is not valid.
See above.
See above.
See above.
chown(2), execve(2), fchmodat(2), open(2), path_resolution(2), stat(2)
|