chmod
   HOME

TheInfoList



OR:

In
Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and ot ...
and
Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
s, is the
command Command may refer to: Computing * Command (computing), a statement in a computer language * COMMAND.COM, the default operating system shell and command-line interpreter for DOS * Command key, a modifier key on Apple Macintosh computer keyboards * ...
and
system call In computing, a system call (commonly abbreviated to syscall) is the programmatic way in which a computer program requests a service from the operating system on which it is executed. This may include hardware-related services (for example, acc ...
used to change the access permissions and the special mode flags (the ''setuid'', ''setgid'', and ''sticky'' flags) of
file system In computing, file system or filesystem (often abbreviated to fs) is a method and data structure that the operating system uses to control how data is stored and retrieved. Without a file system, data placed in a storage medium would be one larg ...
objects ( files and
directories Directory may refer to: * Directory (computing), or folder, a file system structure in which to store computer files * Directory (OpenVMS command) * Directory service, a software application for organizing information about a computer network's u ...
). Collectively these were originally called its modes, and the name was chosen as an abbreviation of ''change mode''.


History

A command first appeared in
AT&T AT&T Inc. is an American multinational telecommunications holding company headquartered at Whitacre Tower in Downtown Dallas, Texas. It is the world's largest telecommunications company by revenue and the third largest provider of mobile tel ...
UNIX Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and ot ...
version 1, along with the system call. As systems grew in number and types of users,
access-control list In computer security, an access-control list (ACL) is a list of permissions associated with a system resource (object). An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on give ...
s were added to many file systems in addition to these most basic modes to increase flexibility. The version of bundled in
GNU GNU () is an extensive collection of free software (383 packages as of January 2022), which can be used as an operating system or can be used in parts with other operating systems. The use of the completed GNU tools led to the family of operat ...
coreutils The GNU Core Utilities or coreutils is a package of GNU software containing implementations for many of the basic tools, such as cat, ls, and rm, which are used on Unix-like operating systems. In September 2002, the ''GNU coreutils'' were cr ...
was written by David MacKenzie and Jim Meyering. The command is available as a separate package for
Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
as part of the
UnxUtils UnxUtils is a collection of ports of common GNU Unix-like utilities to native Win32, with executables only depending on the Microsoft C- runtime msvcrt.dll. The collection was last updated externally on April 15, 2003, by Karl M. Syring. The mo ...
collection of
native Native may refer to: People * Jus soli, citizenship by right of birth * Indigenous peoples, peoples with a set of specific rights based on their historical ties to a particular territory ** Native Americans (disambiguation) In arts and entert ...
Win32 The Windows API, informally WinAPI, is Microsoft's core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems. The name Windows API collectively refers to several different platform implementations th ...
ports A port is a maritime facility comprising one or more wharves or loading areas, where ships load and discharge cargo and passengers. Although usually situated on a sea coast or estuary, ports can also be found far inland, such as Ham ...
of common GNU Unix-like utilities. The command has also been ported to the
IBM i IBM i (the ''i'' standing for ''integrated'') is an operating system developed by IBM for IBM Power Systems. It was originally released in 1988 as OS/400, as the sole operating system of the IBM AS/400 line of systems. It was renamed to i5/OS in ...
operating system.


Command syntax

Throughout this section, ''ser'' refers to the owner of the file, as a reminder that the symbolic form of the command uses "u". chmod ptionsmode
mode Mode ( la, modus meaning "manner, tune, measure, due measure, rhythm, melody") may refer to: Arts and entertainment * '' MO''D''E (magazine)'', a defunct U.S. women's fashion magazine * ''Mode'' magazine, a fictional fashion magazine which is ...
file1 ile2 .../code> Usually implemented options include: * Recursive, i.e. include objects in subdirectories. * verbose, show objects changed (unchanged objects are not shown). If a
symbolic link In computing, a symbolic link (also symlink or soft link) is a file whose purpose is to point to a file or directory (called the "target") by specifying a path thereto. Symbolic links are supported by POSIX and by most Unix-like operating system ...
is specified, the target object is affected. File modes directly associated with symbolic links themselves are typically not used. To view the file mode, the or commands may be used: $ ls -l findPhoneNumbers.sh -rwxr-xr-- 1 dgerman staff 823 Dec 16 15:03 findPhoneNumbers.sh $ stat -c %a findPhoneNumbers.sh 754 The , , and specify the read, write, and execute access (the first character of the display denotes the object type; a
hyphen The hyphen is a punctuation mark used to join words and to separate syllables of a single word. The use of hyphens is called hyphenation. ''Son-in-law'' is an example of a hyphenated word. The hyphen is sometimes confused with dashes (figure d ...
represents a plain file). The script can be read, written to, and executed by the user ; read and executed by members of the group; and only read by any other users. The main parts of the permissions: For example: Each group of three characters define permissions for each ''
class Class or The Class may refer to: Common uses not otherwise categorized * Class (biology), a taxonomic rank * Class (knowledge representation), a collection of individuals or objects * Class (philosophy), an analytical concept used differentl ...
'': * the three leftmost characters, , define permissions for the ''User'' class (i.e. the file owner). * the middle three characters, , define permissions for the ''Group'' class (i.e. the
group A group is a number of persons or things that are located, gathered, or classed together. Groups of people * Cultural group, a group whose members share the same cultural identity * Ethnic group, a group whose members share the same ethnic iden ...
owning the file) * the rightmost three characters, , define permissions for the ''Others'' class. In this example, users who are not the owner of the file and who are not members of the ''Group'' (and, thus, are in the ''Others'' class) have no permission to access the file.


Numerical permissions

The numerical format accepts up to four digits. The three rightmost digits define permissions for the file user, the group, and others. The optional leading digit, when 4 digits are given, specifies the special , , and flags. Each digit of the three rightmost digits represents a binary value, which controls the "read", "write" and "execute" permissions respectively. A value of 1 means a class is allowed that action, while a 0 means it is disallowed. For example, would allow: * "read" (4), "write" (2), and "execute" (1) for the ''User'' class; i.e., 7 (4 + 2 + 1). * "read" (4) and "execute" (1) for the ''Group'' class; i.e., 5 (4 + 1). * Only "read" (4) for the ''Others'' class. A numerical code permits execution if and only if it is
odd Odd means unpaired, occasional, strange or unusual, or a person who is viewed as eccentric. Odd may also refer to: Acronym * ODD (Text Encoding Initiative) ("One Document Does it all"), an abstracted literate-programming format for describing X ...
(i.e. , , , or ). A numerical code permits "read" if and only if it is greater than or equal to (i.e. , , , or ). A numerical code permits "write" if and only if it is , , , or .


Numeric example

Change permissions to permit members of the group to update a file: $ ls -l sharedFile -rw-r--r-- 1 jsmith programmers 57 Jul 3 10:13 sharedFile $ chmod 664 sharedFile $ ls -l sharedFile -rw-rw-r-- 1 jsmith programmers 57 Jul 3 10:13 sharedFile Since the , and bits are not specified, this is equivalent to: $ chmod 0664 sharedFile


Symbolic modes

The command also accepts a finer-grained symbolic notation, which allows modifying specific modes while leaving other modes untouched. The symbolic mode is composed of three components, which are combined to form a single string of text: $ chmod eferencesoperator]
odes Odes may refer to: *The plural of ode, a type of poem *Odes (Horace), ''Odes'' (Horace), a collection of poems by the Roman author Horace, circa 23 BCE *Odes of Solomon, a pseudepigraphic book of the Bible *Book of Odes (Bible), a Deuterocanonic ...
file ...
Classes of users are used to distinguish to whom the permissions apply. If no classes are specified "all" is implied. The classes are represented by one or more of the following letters: The program uses an operator to specify how the modes of a file should be adjusted. The following operators are accepted: The modes indicate which permissions are to be granted or removed from the specified classes. There are three basic modes which correspond to the basic permissions: Multiple changes can be specified by separating multiple symbolic modes with commas (without spaces). If a user is not specified, chmod will check the
umask In computing, umask is a command (computing), command that determines the settings of a Mask (computing), mask that controls how file permissions are set for newly created files. It may also affect how the file permissions are changed explicitly. ...
and the effect will be as if "a" was specified except bits that are set in the umask are not affected.


Symbolic examples

* Add write permission () to the Group's () access modes of a directory, allowing users in the same group to add files: $ ls -ld shared_dir # show access modes before chmod drwxr-xr-x 2 jsmitt northregion 96 Apr 8 12:53 shared_dir $ chmod g+w shared_dir $ ls -ld shared_dir # show access modes after chmod drwxrwxr-x 2 jsmitt northregion 96 Apr 8 12:53 shared_dir * Remove write permissions () for all classes (), preventing anyone from writing to the file: $ ls -l ourBestReferenceFile -rw-rw-r-- 2 tmiller northregion 96 Apr 8 12:53 ourBestReferenceFile $ chmod a-w ourBestReferenceFile $ ls -l ourBestReferenceFile -r--r--r-- 2 tmiller northregion 96 Apr 8 12:53 ourBestReferenceFile * Set the permissions for the ''ser'' and the Group () to read and execute () only (no write permission) on , preventing anyone from adding files. $ ls -ld referenceLib drwxr----- 2 ebowman northregion 96 Apr 8 12:53 referenceLib $ chmod ug=rx referenceLib $ ls -ld referenceLib dr-xr-x--- 2 ebowman northregion 96 Apr 8 12:53 referenceLib * Add the read and write permissions to the user and group classes of a file or directory named : $ chmod ug+rw sample $ ls -ld sample drw-rw---- 2 rsanchez budget 96 Dec 8 12:53 sample * Remove all permissions, allowing no one to read, write, or execute the file named to no useful end. $ chmod a-rwx sample $ ls -l sample ---------- 2 rswven planning 96 Dec 8 12:53 sample * Change the permissions for the user and the group to read and execute only (no write permission) on . $ # Sample file permissions before command $ ls -ld sample drw-rw---- 2 oschultz warehousing 96 Dec 8 12:53 NY_DBs $ chmod ug=rx sample $ ls -ld sample dr-xr-x--- 2 oschultz warehousing 96 Dec 8 12:53 NJ_DBs


Special modes

The command is also capable of changing the additional permissions or special modes of a file or directory. The symbolic modes use '' to represent the ''
setuid The Unix Unix (; trademarked as UNIX) is a family of multitasking, multiuser computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Rit ...
'' and ''
setgid The Unix access rights flags setuid and setgid (short for ''set user identity'' and ''set group identity'') allow users to run an executable with the file system permissions of the executable's owner or group respectively and to change behaviour ...
'' modes, and '' to represent the ''
sticky Sticky may refer to: People *Sticky (musician), alias of UK garage producer Richard Forbes * Sticky Fingaz or Sticky (born 1973), nickname of the US rapper and actor Kirk Jones Adhesion *Adhesion Adhesion is the tendency of dissimilar ...
'' mode. The modes are only applied to the appropriate classes, regardless of whether or not other classes are specified. Most operating systems support the specification of special modes numerically, particularly in octal, but some do not. On these systems, only the symbolic modes can be used.


Command line examples


See also

*
File-system permissions Most file systems include attributes of files and directories that control the ability of users to read, change, navigate, and execute the contents of the file system. In some cases, menu options or functions may be made visible or hidden depending ...
*
chattr is the command in Linux that allows a user to set certain attributes of a file. is the command that displays the attributes of a file. Most BSD-like systems, including macOS, have always had an analogous command to set the attributes, but no ...
, the command used to change the attributes of a file or directory on Linux systems *
chown The command , an abbreviation of ''change owner'', is used on Unix and Unix-like operating systems to change the owner of file system files, directories. Unprivileged (regular) users who wish to change the group membership of a file that they ...
, the command used to change the owner of a file or directory on Unix-like systems *
chgrp The (from change group) command may be used by unprivileged users on various operating systems to change the group associated with a file system object (such as a computer file, directory, or link) to one of which they are a member. A file syst ...
, the command used to change the group of a file or directory on Unix-like systems *
cacls In Microsoft Windows, cacls and its replacement, icacls, native command-line utilities capable of displaying and modifying the security descriptors on folders and files. An access-control list is a list of permissions for securable object, such ...
, a command used on
Windows NT Windows NT is a proprietary graphical operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems sc ...
and its derivatives to modify the access control lists associated with a file or directory * attrib *
umask In computing, umask is a command (computing), command that determines the settings of a Mask (computing), mask that controls how file permissions are set for newly created files. It may also affect how the file permissions are changed explicitly. ...
, restricts mode (permissions) at file or directory creation on Unix-like systems *
User identifier Unix-like operating systems identify a user by a value called a user identifier, often abbreviated to user ID or UID. The UID, along with the group identifier (GID) and other access control criteria, is used to determine which system resources a us ...
*
Group identifier In Unix-like systems, multiple users can be put into ''groups''. POSIX and conventional Unix file system permissions are organized into three classes, ''user'', ''group'', and ''others''. The use of groups allows additional abilities to be delega ...
*
List of Unix commands This is a list of Unix commands as specified by IEEE Std 1003.1-2008, which is part of the Single UNIX Specification (SUS). These commands can be found on Unix operating systems and most Unix-like operating systems. List See also * List of G ...


References


External links

* * *
chmod
— manual page from
GNU GNU () is an extensive collection of free software (383 packages as of January 2022), which can be used as an operating system or can be used in parts with other operating systems. The use of the completed GNU tools led to the family of operat ...
coreutils The GNU Core Utilities or coreutils is a package of GNU software containing implementations for many of the basic tools, such as cat, ls, and rm, which are used on Unix-like operating systems. In September 2002, the ''GNU coreutils'' were cr ...
.
GNU "Setting Permissions" manual

CHMOD-Win 3.0
— Freeware Windows' ACL ↔ CHMOD converter.

{{Use dmy dates, date=January 2018 File system permissions Operating system security Standard Unix programs Unix file system-related software Unix SUS2008 utilities Plan 9 commands Inferno (operating system) commands IBM i Qshell commands