chmod - Change file modes

chmod [ -R [-H | -L | -P] ] [ -h ] mode file ...

Description

The chmod utility modifies the file mode bits of file as specified by the mode operand.

To change the mode of a file, you must have one of the following authorities:

• The current user has *ALLOBJ special authority.
• The current user is the owner of the file.

By default, chmod follows symbolic links and changes the mode on the file pointed to by the symbolic link. Symbolic links do not have modes so using chmod on a symbolic link always succeeds and has no effect.

The -H, -L and -P options are ignored unless the -R option is specified. In addition, these options override each other and the command's actions are determined by the last one specified.

Note that chmod changes the i5/OS^(TM) data authorities for an object. Use the CHGAUT CL command to change the i5/OS^(TM) object authorities for an object.

Options

-H

If the -R option is specified, symbolic links on the command line are followed. Symbolic links encountered in the tree traversal are not followed. Since symbolic links do not have modes chmod has no effect on the symbolic links.

-L

If the -R option is specified, both symbolic links on the command line and symbolic links encountered in the tree traversal are followed.

-P

If the -R option is specified, no symbolic links are followed. Since symbolic links do not have modes chmod has no effect on the symbolic links.

-R

If file designates a directory, chmod changes the mode of each file in the entire subtree connected at that point.

-h

Do not follow symbolic links. Since symbolic links do not have modes chmod has no effect on the symbolic links.

Operands

A mode may be absolute or symbolic. An absolute mode is a three or four digit octal number constructed by or-ing the following values:

4000

Set-user-id on execute bit

2000

Set-group-id on execute bit

1000

Restricted deletion bit for a directory

0400

Allow read by owner

0200

Allow write by owner

0100

Allow execute/search by owner

0040

Allow read by group

0020

Allow write by group

0010

Allow execute/search by group

0004

Allow read by other

0002

Allow write by other

0001

Allow execute/search by other

A symbolic mode is described by the following grammar:

• mode ::= clause [, clause ...]
• clause ::= [who ...] [action ...] last_action
• action ::= op [perm ...]
• last_action ::= op [perm ...]
• who ::= a | u | g | o
• op ::= + | - | =
• perm ::= r | w | x | X | s | t | u | g | o

The who symbols specify who is granted or denied the permissions as follows:

u

The owner permission bits.

g

The group permission bits.

o

The other permission bits.

a

The owner, group, and other permission bits. It is equivalent to specifying the ugo symbols together.

The op symbols represent the operation performed, as follows:

+

Grant the specified permission. If no value is supplied for perm, the "+" operation has no effect. If no value is supplied for who, each permission bit specified in perm, for which the corresponding bit in the file mode creation mask is clear, is set. Otherwise, the mode bits represented by the specified who and perm values are set.

-

Deny the specified permission. If no value is supplied for perm, the "-" operation has no effect. If no value is supplied for who, each permission bit specified in perm, for which the corresponding bit in the file mode creation mask is clear, is cleared. Otherwise, the mode bits represented by the specified who and perm values are cleared.

=

Clear the selected permission field and set it to the specified permission. The mode bits specified by the who value are cleared, or, if no who value is specified, the owner, group and other mode bits are cleared. Then, if no value is supplied for who, each permission bit specified in perm, for which the corresponding bit in the file mode creation mask is clear, is set. Otherwise, the mode bits represented by the specified who and perm values are set.

The perm symbols represent the portions of the mode bits as follows:

r

The read bits.

w

The write bits.

x

The execute/search bits.

X

The execute/search bits if the file is a directory or if any of the execute/search bits are set in the original (unmodified) mode. Operations with this symbol are only meaningful in conjunction with the op symbol "+", and are ignored in all other cases.

s

The set-user-id on execute bit when the owner permission bits are set or the set-group-id on execute bit when the group permission bits are set.

t

The restricted deletion bit when the object is a directory. It can be used when the who symbol is a or there is no who symbol. It is ignored if the file is not a directory or the who symbol is u, g, or o.

Each clause specifies one or more operations to be performed on the mode bits, and each operation is applied to the mode bits in the order specified.

Exit Status

• 0 on success
• >0 if an error occurs

Related information

• chgrp - Change file group permission
• chown - Change file ownership

1. Grant read and write permission to owner and read permission to group and other using an absolute mode.

   chmod 644 myfile
   

2. Deny write permission to group and other.

   chmod go-w myfile
   

3. Clear all permissions that are currently set and grant read and write permissions to owner, group, and other.

   chmod =rw myfile
   

4. Grant search permission on a directory to owner, group, and other if search permission is set for one them.

   chmod +X mydir
   

5. Grant read, write, and execute permission to owner and read and execute permission to group and other using an absolute mode.

   chmod 755 myfile
   

6. Clear all permissions for group and other.

   chmod go= myfile
   

7. Set the group permissions equal to the owner permission, but deny write permission to the group.

   chmod g=u-w myfile
   

8. Set the set-user-id on execute bit and grant read, write, and execute permission to the owner and execute permission for other using an absolute mode.

   chmod 4701 myfile