chmod(2) 맨 페이지 - 윈디하나의 솔라나라

개요

섹션
맨 페이지 이름
검색(S)

chmod(2)

chmod(2)                         System Calls                         chmod(2)



NAME
       chmod, fchmod, fchmodat - change access permission mode of file

SYNOPSIS
       #include <sys/stat.h>

       int chmod(const char *path, mode_t mode);


       int fchmod(int fildes, mode_t mode);


       int fchmodat(int fd, const char *path, mode_t mode, int flag);

DESCRIPTION
       The  chmod(), fchmod(), and fchmodat() functions set the access permis‐
       sion portion of the mode of the file whose name is  given  by  path  or
       referenced  by  the open file descriptor fildes to the bit pattern con‐
       tained in mode. Access permission bits are interpreted as follows:


       tab(); lw(1.01i) lw(0.69i) lw(3.79i) S_ISUID04000Set user ID on  execu‐
       tion.   S_ISGID020#0T{ Set group ID on execution if # is 7, 5, 3, or 1.
       Enable mandatory file/record locking if  #  is  6,  4,  2,  or  0.   T}
       S_ISVTX01000Sticky  bit.   S_IRWXU00700Read,  write,  execute by owner.
       S_IRUSR00400Read by owner.  S_IWUSR00200Write by owner.  S_IXUSR00100T{
       Execute  (search if a directory) by owner.  T} S_IRWXG00070Read, write,
       execute by group.  S_IRGRP00040Read  by  group.   S_IWGRP00020Write  by
       group.  S_IXGRP00010Execute by group.  S_IRWXO00007Read, write, execute
       (search) by others.  S_IROTH00004Read by others.  S_IWOTH00002Write  by
       others.  S_IXOTH00001Execute by others.



       Modes are constructed by the bitwise OR operation of the access permis‐
       sion bits.


       The effective user ID of the process must match the owner of  the  file
       or  the  process must have the appropriate privilege to change the mode
       of a file.


       If the process is not a privileged process and the file is not a direc‐
       tory, mode bit 01000 (S_ISVTX, the sticky bit) is cleared.


       If  neither  the process is privileged nor the file's group is a member
       of the process's supplementary group list, and the effective  group  ID
       of  the process does not match the group ID of the file, mode bit 02000
       (set group ID on execution) is cleared.


       If a directory is writable and has S_ISVTX (the sticky bit) set,  files
       within  that directory can be removed or renamed only if one or more of
       the following is true (see unlink(2) and rename(2)):

           o      the user owns the file


           o      the user owns the directory


           o      the file is writable by the user


           o      the user is a privileged user



       If a regular file is not executable and has S_ISVTX set,  the  file  is
       assumed  to  be a swap file. In this case, the system's page cache will
       not be used to hold the file's data. If the S_ISVTX bit is set  on  any
       other file, the results are unspecified.


       If  a  directory  has  the  set  group ID bit set, a given file created
       within that directory will have the same group  ID  as  the  directory.
       Otherwise,  the newly created file's group ID will be set to the effec‐
       tive group ID of the creating process.


       If the mode bit 02000 (set group ID on execution) is set and  the  mode
       bit   00010  (execute  or  search  by  group)  is  not  set,  mandatory
       file/record locking will exist on a regular  file,  possibly  affecting
       future calls to open(2), creat(2), read(2), and write(2) on this file.


       If  fildes references a shared memory object, fchmod() need only affect
       the S_IRUSR, S_IRGRP,  S_IROTH,  S_IWUSR,  S_IWGRP,  S_IWOTH,  S_IXUSR,
       S_IXGRP, and S_IXOTH file permission bits.


       If  fildes  refers to a socket, fchmod() does not fail but no action is
       taken.


       If fildes refers to a stream that is attached to an object in the  file
       system  name  space  with  fattach(3C),  the  fchmod() call performs no
       action and returns successfully.


       Upon successful completion, chmod(), fchmod(), and fchmodat() mark  for
       update the st_ctime field of the file.


       The  fchmodat()  function  is  equivalent to chmod() except in the case
       where path specifies a relative path. In  this  case  the  file  to  be
       changed  is  determined  relative  to the directory associated with the
       file descriptor fd instead of the current  working  directory.  If  the
       file  descriptor  was  opened  without  O_SEARCH,  the  function checks
       whether directory searches are permitted using the current  permissions
       of the directory underlying the file descriptor. If the file descriptor
       was opened with O_SEARCH, the function does not perform the  check.  If
       fchmodat()  is  passed  the special value AT_FDCWD in the fd parameter,
       the current working directory is used.


       Values for flag are constructed by a bitwise-inclusive OR of flags from
       the following list, defined in <fcntl.h>

       AT_SYMLINK_NOFOLLOW    If  path names a symbolic link, then the mode of
                              the symbolic link is changed.



       If flag is 0, the behavior shall be identical to a call to chmod().

RETURN VALUES
       Upon successful completion, 0 is returned. Otherwise, −1  is  returned,
       the file mode is unchanged, and errno is set to indicate the error.

ERRORS
       The chmod(), fchmod(), and fchmodat() functions will fail if:

       EPERM    The effective user ID does not match the owner of the file and
                the process does not have appropriate privilege.

                The {PRIV_FILE_OWNER} privilege overrides constraints on  own‐
                ership when changing permissions on a file.

                The  {PRIV_FILE_SETID} privilege overrides constraints on own‐
                ership when adding the setuid or setgid bits to an  executable
                file  or  a  directory.  When  adding the setuid bit to a root
                owned executable, additional restrictions  apply.  See  privi‐
                leges(7).


       EROFS    The  file referred to by path resides on a read-only file sys‐
                tem.



       The chmod() and fchmod() functions will fail if:

       EIO    An I/O error occurred while reading from or writing to the  file
              system.



       The chmod() and fchmodat()functions will fail if:

       EACCES          Search  permission is denied on a component of the path
                       prefix of path. The privilege  {FILE_DAC_SEARCH}  over‐
                       rides file permissions restrictions in that case.


       ELOOP           A  loop exists in symbolic links encountered during the
                       resolution of the path argument.


       ENAMETOOLONG    The length of the path argument  exceeds  PATH_MAX,  or
                       the  length  of a path component exceeds NAME_MAX while
                       _POSIX_NO_TRUNC is in effect.


       ENOENT          Either a component of  the  path  prefix  or  the  file
                       referred  to  by path does not exist or is a null path‐
                       name.


       ENOTDIR         A component of the prefix of path is not a directory.



       The chmod() function will fail if:

       EFAULT     The path argument points to an illegal address.


       ENOLINK    The fildes argument points to a remote machine and the  link
                  to that machine is no longer active.



       The fchmod() function will fail if:

       EBADF      The fildes argument is not an open file descriptor


       ENOLINK    The path argument points to a remote machine and the link to
                  that machine is no longer active.



       The fchmodat() function will fail if:

       EACCES    fd was not opened with O_SEARCH and the  permissions  of  the
                 directory underlying fd do not permit directory searches.


       EBADF     The  path  argument does not specify an absolute path and the
                 fd argument is neither AT_FDCWD nor a valid  file  descriptor
                 open for reading or searching.



       The chmod(), fchmod(), and fchmodat() functions may fail if:

       EINTR     A signal was caught during execution of the function.


       EINVAL    The value of the mode argument is invalid.



       The chmod() and fchmodat() functions may fail if:

       ELOOP           More than {SYMLOOP_MAX} symbolic links were encountered
                       during the resolution of the path argument.


       ENAMETOOLONG    As a result of encountering a symbolic link in  resolu‐
                       tion  of  the  path argument, the length of the substi‐
                       tuted pathname strings exceeds {PATH_MAX}.



       The fchmod() function may fail if:

       EINVAL    The fildes argument refers to a pipe and the system disallows
                 execution of this function on a pipe.



       The fchmodat() function may fail if:

       EINVAL        The value of the flag argument is invalid


       ENOTDIR       The  path argument is not an absolute path and fd is nei‐
                     ther AT_FDCWD nor a file  descriptor  associated  with  a
                     directory


       EOPNOTSUPP    The  AT_SYMLINK_NOFOLLOW bit is set in the flag argument,
                     path names a symbolic link, and the system does not  sup‐
                     port changing the mode of a symbolic link.


EXAMPLES
       Example 1 Set Read Permissions for User, Group, and Others



       The  following  example sets read permissions for the owner, group, and
       others.


         #include <sys/stat.h>

         const char *path;
         ...
         chmod(path, S_IRUSR|S_IRGRP|S_IROTH);


       Example 2 Set Read, Write, and Execute Permissions for the Owner Only



       The following example sets read, write, and execute permissions for the
       owner, and no permissions for group and others.


         #include <sys/stat.h>

         const char *path;
         ...
         chmod(path, S_IRWXU);


       Example 3 Set Different Permissions for Owner, Group, and Other



       The  following  example  sets owner permissions for CHANGEFILE to read,
       write, and execute, group permissions to read and  execute,  and  other
       permissions to read.


         #include <sys/stat.h>

         #define CHANGEFILE "/etc/myfile"
         ...
         chmod(CHANGEFILE, S_IRWXU|S_IRGRP|S_IXGRP|S_IROTH);


       Example 4 Set and Check File Permissions



       The  following  example  sets the file permission bits for a file named
       /home/cnd/mod1, then calls the stat(2) function to verify  the  permis‐
       sions.


         #include <sys/stat.h>

         int status;
         struct stat buffer;
         ...
         chmod("/home/cnd/mod1", S_IRWXU|S_IRWXG|S_IROTH|S_IWOTH);
         status = stat("/home/cnd/mod1", &buffer);
         if (status != 0) {
             perror("stat: /home/cnd/mod1");
         } else if ((buffer.st_mode & S_IAMB)
             != (S_IRWXU|S_IRWXG|S_IROTH|S_IWOTH)) {
             /* Handle failure */
         }



USAGE
       If  chmod(),  fchmod(),  or fchmodat() is used to change the file group
       owner permissions on a file with non-trivial ACL entries, only the  ACL
       mask  is set to the new permissions and the group owner permission bits
       in the file's mode field (defined in mknod(2)) are  unchanged.  A  non-
       trivial  ACL  entry  is  one whose meaning cannot be represented in the
       file's mode field alone. The new ACL mask permissions might change  the
       effective  permissions  for  additional  users and groups that have ACL
       entries on the file.

ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE  TYPEAT‐
       TRIBUTE  VALUE  _  Interface StabilityCommitted _ MT-LevelAsync-Signal-
       Safe _ StandardSee standards(7).


SEE ALSO
       chmod(1), chown(2), creat(2),  fcntl(2),  mknod(2),  open(2),  read(2),
       rename(2),  stat(2),  write(2), fattach(3C), mkfifo(3C), stat.h(3HEAD),
       attributes(7), privileges(7), standards(7)

HISTORY
       The chmod() and fchmod() functions have been included in  all  Sun  and
       Oracle releases of Solaris.


       The  fchmodat()  function  was  added  to  Solaris  in the Solaris 11.0
       release.



Oracle Solaris 11.4               2 Mar 2021                          chmod(2)
맨 페이지 내용의 저작권은 맨 페이지 작성자에게 있습니다.
RSS ATOM XHTML 5 CSS3