1 .\" Copyright (c) 1989, 1990, 1993, 1994
2 .\" The Regents of the University of California. All rights reserved.
4 .\" This code is derived from software contributed to Berkeley by
5 .\" the Institute of Electrical and Electronics Engineers, Inc.
7 .\" Redistribution and use in source and binary forms, with or without
8 .\" modification, are permitted provided that the following conditions
10 .\" 1. Redistributions of source code must retain the above copyright
11 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
15 .\" 3. All advertising materials mentioning features or use of this software
16 .\" must display the following acknowledgement:
17 .\" This product includes software developed by the University of
18 .\" California, Berkeley and its contributors.
19 .\" 4. Neither the name of the University nor the names of its contributors
20 .\" may be used to endorse or promote products derived from this software
21 .\" without specific prior written permission.
23 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
24 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
27 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 .\" @(#)chmod.1 8.4 (Berkeley) 3/31/94
36 .\" $FreeBSD: src/bin/chmod/chmod.1,v 1.33 2002/10/01 20:32:59 trhodes Exp $
43 .Nd change file modes or Access Control Lists
47 .Op Fl R Op Fl H | L | P
52 .Op Fl R Op Fl H | L | P
58 .Op Fl R Op Fl H | L | P
63 .Op Fl R Op Fl H | L | P
68 .Op Fl R Op Fl H | L | P
74 utility modifies the file mode bits of the listed files
77 operand. It may also be used to modify the Access Control
78 Lists (ACLs) associated with the listed files.
80 The generic options are as follows:
83 Do not display a diagnostic message if
85 could not modify the mode for
90 option is specified, symbolic links on the command line are followed.
91 (Symbolic links encountered in the tree traversal are not followed by
94 If the file is a symbolic link, change the mode of the link itself
95 rather than the file that the link points to.
99 option is specified, all symbolic links are followed.
103 option is specified, no symbolic links are followed.
106 Change the modes of the file hierarchies rooted in the files
107 instead of just the files themselves.
111 to be verbose, showing filenames as the mode is modified.
114 flag is specified more than once, the old and new modes of the file
115 will also be printed, in both octal and symbolic notation.
123 options are ignored unless the
126 In addition, these options override each other and the
127 command's actions are determined by the last one specified.
129 Only the owner of a file or the super-user is permitted to change
134 Modes may be absolute or symbolic.
135 An absolute mode is an octal number constructed from the sum of
136 one or more of the following values:
138 .Bl -tag -width 6n -compact -offset indent
140 (the set-user-ID-on-execution bit) Executable files with this bit set
141 will run with effective uid set to the uid of the file owner.
142 Directories with the set-user-id bit set will force all files and
143 sub-directories created in them to be owned by the directory owner
144 and not by the uid of the creating process, if the underlying file
145 system supports this feature: see
152 (the set-group-ID-on-execution bit) Executable files with this bit set
153 will run with effective gid set to the gid of the file owner.
163 Allow write by owner.
165 For files, allow execution by owner.
166 For directories, allow the owner to
167 search in the directory.
169 Allow read by group members.
171 Allow write by group members.
173 For files, allow execution by group members.
174 For directories, allow
175 group members to search in the directory.
177 Allow read by others.
179 Allow write by others.
181 For files, allow execution by others.
182 For directories allow others to
183 search in the directory.
186 For example, the absolute mode that permits read, write and execute by
187 the owner, read and execute by group members, read and execute by
188 others, and no set-uid or set-gid behaviour is 755
189 (400+200+100+040+010+004+001).
191 The symbolic mode is described by the following grammar:
192 .Bd -literal -offset indent
193 mode ::= clause [, clause ...]
194 clause ::= [who ...] [action ...] action
195 action ::= op [perm ...]
196 who ::= a | u | g | o
198 perm ::= r | s | t | w | x | X | u | g | o
203 symbols ``u'', ``g'', and ``o'' specify the user, group, and other parts
204 of the mode bits, respectively.
207 symbol ``a'' is equivalent to ``ugo''.
211 symbols represent the portions of the mode bits as follows:
213 .Bl -tag -width Ds -compact -offset indent
217 The set-user-ID-on-execution and set-group-ID-on-execution bits.
223 The execute/search bits.
225 The execute/search bits if the file is a directory or any of the
226 execute/search bits are set in the original (unmodified) mode.
229 symbol ``X'' are only meaningful in conjunction with the
231 symbol ``+'', and are ignored in all other cases.
233 The user permission bits in the original mode of the file.
235 The group permission bits in the original mode of the file.
237 The other permission bits in the original mode of the file.
242 symbols represent the operation performed, as follows:
245 If no value is supplied for
247 the ``+'' operation has no effect.
248 If no value is supplied for
250 each permission bit specified in
252 for which the corresponding bit in the file mode creation mask
254 Otherwise, the mode bits represented by the specified
260 If no value is supplied for
262 the ``\-'' operation has no effect.
263 If no value is supplied for
265 each permission bit specified in
267 for which the corresponding bit in the file mode creation mask
268 is clear, is cleared.
269 Otherwise, the mode bits represented by the specified
275 The mode bits specified by the
277 value are cleared, or, if no who value is specified, the owner, group
278 and other mode bits are cleared.
279 Then, if no value is supplied for
281 each permission bit specified in
283 for which the corresponding bit in the file mode creation mask
285 Otherwise, the mode bits represented by the specified
294 specifies one or more operations to be performed on the mode
295 bits, and each operation is applied to the mode bits in the
298 Operations upon the other permissions only (specified by the symbol
299 ``o'' by itself), in combination with the
301 symbols ``s'' or ``t'', are ignored.
302 .Sh EXAMPLES OF VALID MODES
303 .Bl -tag -width "u=rwx,go=u-w" -compact
305 make a file readable by anyone and writable by the owner only.
308 deny write permission to group and others.
311 set the read and write permissions to the usual defaults, but
312 retain any execute permissions that are currently set.
315 make a directory or file searchable/executable by everyone if it is
316 already searchable/executable by anyone.
321 make a file readable/executable by everyone and writable by the owner only.
324 clear all mode bits for group and others.
327 set the group bits equal to the user bits, but clear the group write bit.
329 .Sh ACL MANIPULATION OPTIONS
330 ACLs are manipulated using extensions to the symbolic mode
331 grammar. Each file has one ACL, containing an ordered list of entries.
332 Each entry refers to a user or group, and grants or denies a set of
334 In cases where a user and a group exist with the same name, the
335 user/group name can be prefixed with "user:" or "group:" in order to
336 specify the type of name.
338 If the user or group name contains spaces you can use ':' as the delimiter
339 between name and permission.
341 The following permissions are applicable to all filesystem objects:
342 .Bl -tag -width 6n -compact -offset indent
344 Delete the item. Deletion may be granted by either this permission
345 on an object or the delete_child right on the containing directory.
347 Read an objects basic attributes. This is implicitly granted if
348 the object can be looked up and not explicitly denied.
350 Write an object's basic attributes.
352 Read extended attributes.
354 Write extended attributes.
356 Read an object's extended security information (ACL).
358 Write an object's security information (ownership, mode, ACL).
360 Change an object's ownership.
363 The following permissions are applicable to directories:
364 .Bl -tag -width 6n -compact -offset indent
368 Look up files by name.
374 Delete a contained object. See the file delete permission above.
377 The following permissions are applicable to non-directory filesystem objects:
378 .Bl -tag -width 6n -compact -offset indent
384 Open for writing, but in a fashion that only allows writes into areas of
385 the file not previously written.
387 Execute the file as a script or program.
390 ACL inheritance is controlled with the following permissions words, which
391 may only be applied to directories:
392 .Bl -tag -width 6n -compact -offset indent
395 .It directory_inherit
396 Inherit to directories.
398 This flag is only relevant to entries inherited by subdirectories; it
399 causes the directory_inherit flag to be cleared in the entry that is
400 inherited, preventing further nested subdirectories from also
401 inheriting the entry.
403 The entry is inherited by created items but not considered when processing
407 The ACL manipulation options are as follows:
410 The +a mode parses a new ACL entry from the next argument on
411 the commandline and inserts it into the canonical location in the
412 ACL. If the supplied entry refers to an identity already listed, the
413 two entries are combined.
417 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
418 # chmod +a "admin allow write" file1
420 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
423 # chmod +a "guest deny read" file1
425 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
429 # chmod +a "admin allow delete" file1
431 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
434 2: admin allow write,delete
435 # chmod +a "User 1:allow:read" file
437 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
441 3: admin allow write,delete
443 The +a mode strives to maintain correct canonical form for the ACL.
449 By default, chmod adds entries to the top of the local deny and local
450 allow lists. Inherited entries are added by using the +ai mode.
454 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
457 2: admin allow write,delete
458 3: juser inherited deny delete
459 4: admin inherited allow delete
460 5: backup inherited deny read
461 6: admin inherited allow write-security
462 # chmod +ai "others allow read" file1
464 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
467 2: admin allow write,delete
468 3: juser inherited deny delete
469 4: others inherited allow read
470 5: admin inherited allow delete
471 6: backup inherited deny read
472 7: admin inherited allow write-security
474 When a specific ordering is required, the exact location at which an
475 entry will be inserted is specified with the +a# mode.
479 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
483 # chmod +a# 2 "others deny read" file1
485 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
491 The +ai# mode may be used to insert inherited entries at a specific
492 location. Note that these modes allow non-canonical ACL ordering to
495 The -a mode is used to delete ACL entries. All entries exactly
496 matching the supplied entry will be deleted. If the entry lists a
497 subset of rights granted by an entry, only the rights listed are
498 removed. Entries may also be deleted by index using the -a# mode.
502 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
505 2: admin allow write,delete
508 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
510 1: admin allow write,delete
511 # chmod -a "admin allow write" file1
513 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
515 1: admin allow delete
517 Inheritance is not considered when processing the -a mode; rights and
518 entries will be removed regardless of their inherited state.
520 If the user or group name contains spaces you can use ':' as the delimiter
523 # chmod +a "User 1:allow:read" file
525 Individual entries are rewritten using the =a# mode.
529 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
531 1: admin allow delete
532 # chmod =a# 1 "admin allow write,chown"
534 -rw-r--r--+ 1 juser wheel 0 Apr 28 14:06 file1
536 1: admin allow write,chown
538 This mode may not be used to add new entries.
540 Reads the ACL information from stdin, as a sequential list
541 of ACEs, separated by newlines. If the information parses correctly,
542 the existing information is replaced.
544 Returns false if any of the named files have ACLs in non-canonical order.
546 Removes the 'inherited' bit from all entries in the named file(s) ACLs.
548 Removes all inherited entries from the named file(s) ACL(s).
550 Removes the ACL from the named file(s).
555 option is non-standard and its use in scripts is not recommended.
572 utility is expected to be
574 compatible with the exception of the
578 which is not included in that standard.