Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

ls(1)

chmod(2)

chmod(1)

NAME

chmod − change file mode

SYNOPSIS

chmod [ −R ] mode file ... 
chmod [ugoa ]{+ |- |=}[ rwxlstugo ] file ... 

DESCRIPTION

chmod changes or assigns the mode of a file.  The mode of a file specifies its permissions and other attributes.  The mode may be absolute or symbolic. 

An absolute mode is specified using octal numbers:

chmod nnnn file ... 

where n is a number from 0 to 7.  An absolute mode is constructed from the OR of any of the following modes:

4000 Set user ID on execution. 

20#0 Set group ID on execution if # is 7, 5, 3, or 1. 

Enable mandatory locking if # is 6, 4, 2, or 0. 

This bit is ignored if the file is a directory; it may be set or cleared only using the symbolic mode. 

1000 Turn on sticky bit [(see chmod(2)].

0400 Allow read by owner. 

0200 Allow write by owner. 

0100 Allow execute (search in directory) by owner. 

0070 Allow read, write, and execute (search) by group. 

0007 Allow read, write, and execute (search) by others. 

A symbolic mode is specified in the following format:

chmod [ who ]  operator  [ permission(s) ]  file ... 

who is zero or more of the characters u, g, o, and a specifying whose permissions are to be changed or assigned:

u user’s permissions

g group’s permissions

o others’ permissions

a all permissions (user, group, and other)

If who is omitted, it defaults to a. 

operator is one of +, −, or =, signifying how permissions are to be changed:

+ Add permissions. 

− Take away permissions. 

= Assign permissions absolutely. 

Unlike other symbolic operations, = has an absolute effect in that it resets all other bits.  Omitting permission(s) is useful only with = to take away all permissions. 

permission(s) is any compatible combination of the following letters:

r read permission

w write permission

x execute permission

s user or group set-ID

t sticky bit

l mandatory locking

u, g, o indicate that permission is to be taken from the current user, group or other mode respectively. 

Permissions to a file may vary depending on your user identification number (UID) or group identification number (GID).  Permissions are described in three sequences each having three characters:

User Group Other
rwx rwx rwx

This example (user, group, and others all have permission to read, write, and execute a given file) demonstrates two categories for granting permissions: the access class and the permissions themselves. 

Multiple symbolic modes separated by commas may be given, though no spaces may intervene between these modes.  Operations are performed in the order given.  Multiple symbolic letters following a single operator cause the corresponding operations to be performed simultaneously. 

The letter s is only meaningful with u or g, and t only works with u. 

Mandatory file and record locking (l) refers to a file’s ability to have its reading or writing permissions locked while a program is accessing that file. It is not possible to permit group execution and enable a file to be locked on execution at the same time. In addition, it is not possible to turn on the set-group-ID bit and enable a file to be locked on execution at the same time.  The following examples, therefore, are invalid and elicit error messages:

chmod g+x,+l file
chmod g+s,+l file

Only the owner of a file or directory (or the super-user) may change that file’s or directory’s mode.  Only the super-user may set the sticky bit on a non-directory file.  If you are not super-user, chmod will mask the sticky-bit but will not return an error.  In order to turn on a file’s set-group-ID bit, your own group ID must correspond to the file’s and group execution must be set. 

The −R option recursively descends through directory arguments, setting the mode for each file as described above. 

SECURITY FEATURES

On systems running CX/SX , local security policy may prevent regular users from setting the set-user-ID or set-group-ID bits. 

chmod will fail unless the user and file have identical security labels (or the user is super-user). 

EXAMPLES

Deny execute permission to everyone:

chmod a−x file

Allow read permission to everyone:

chmod 444 file

Make a file readable and writable by the group and others:

chmod go+rw file
chmod 066 file

Cause a file to be locked during access:

chmod +l file

Allow everyone to read, write, and execute the file and turn on the set group-ID. 

chmod =rwx,g+s file
chmod 2777 file

Absolute changes don’t work for the set-group-ID bit of a directory.  You must use g+s or g-s. 

SEE ALSO

ls(1). 
chmod(2) in the CX/UX Programmer’s Reference Manual

NOTES

chmod permits you to produce useless modes so long as they are not illegal (e.g., making a text file executable).  chmod does not check the file type to see if mandatory locking is available. 

CX/UX User’s Reference Manual

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026