Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

chmod(1)

chown(2)

group(4)

passwd(4)

chown(1)

NAME

chown, chgrp − change owner or group

SYNOPSIS

chown [ −R ] [ −h ] owner file ... 

chgrp [ −R ] [ −h ] group file ... 

DESCRIPTION

chown changes the owner of the files to owner. The owner may be either a decimal user ID or a login name found in the password file. 

chgrp changes the group ID of the files to group. The group may be either a decimal group ID or a group name found in the group file. 

If either command is invoked by other than the super-user, the set-user-ID and set-group-ID bits of the file mode, 04000 and 02000 respectively, will be cleared. 

Valid options to chown and chgrp are:

−R Recursive.  The command descends through the directory, and any subdirectories, setting the owner or group ID as it proceeds.  When symbolic links are encountered, they are traversed. 

−h If the file is a symbolic link, change the owner or group of the symbolic link.  Without this option, the owner or group of the file referenced by the symbolic link is changed. 

The operating system has a configuration option {_POSIX_CHOWN_RESTRICTED}, to restrict ownership changes.  When this option is in effect the owner of the file is prevented from changing the owner ID of the file, and may change the group of the file only to a group to which the owner belongs.  Only the super-user can arbitrarily change owner IDs whether this option is in effect or not. 

SECURITY FEATURES

The following security features are in effect for systems running CX/SX configured to B1 security. 

When invoked by regular users, chown will fail unless the user and file have identical security labels. 

For regular users, chgrp will set the privilege ID of the named file to the ID of a privilege containing the security label of the file’s current privilege and the group of the privilege refered to by group. chgrp will fail if the new privilege is not defined or if the user and file do not have identical security labels. 

If invoked by super-user, chgrp will set the file’s privilege ID to the privilege referred to by group. If group is a decimal number, super-user can set the file’s privilege ID to a value not defined on the system. 

A file’s security label cannot be changed if the file is being held open by another process and the user’s real user ID is not root (character devices are exempted). 

DIAGNOSTICS

If chgrp fails because of security policy, the error message displayed to the user is “Not owner”.  This happens because chown(2) returns the same error number (EPERM) for different error conditions. 
 

FILES

/etc/passwd
/etc/group
/mls/passwd
/mls/group

SEE ALSO

chmod(1). 
chown(2), group(4), passwd(4) in the CX/UX Programmer’s Reference Manual. 

CX/UX User’s Reference Manual

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026