13.3 chmod: Change access permissions

chmod changes the access permissions of the named files. Synopsis:

chmod [option]... {mode | --reference=ref_file} file...

chmod doesn’t change the permissions of symbolic links, since the chmod system call cannot change their permissions on most systems, and most systems ignore permissions of symbolic links. However, for each symbolic link listed on the command line, chmod changes the permissions of the pointed-to file. In contrast, chmod ignores symbolic links encountered during recursive directory traversals. Options that modify this behavior are described below.

Only a process whose effective user ID matches the user ID of the file, or a process with appropriate privileges, is permitted to change the file mode bits of a file.

A successful use of chmod clears the set-group-ID bit of a regular file if the file’s group ID does not match the user’s effective group ID or one of the user’s supplementary group IDs, unless the user has appropriate privileges. Additional restrictions may cause the set-user-ID and set-group-ID bits of mode or ref_file to be ignored. This behavior depends on the policy and functionality of the underlying chmod system call. When in doubt, check the underlying system behavior.

If used, mode specifies the new file mode bits. For details, see the section on File permissions. If you really want mode to have a leading ‘-’, you should use -- first, e.g., ‘chmod -- -w file’. Typically, though, ‘chmod a-w file’ is preferable, and ‘chmod -w file’ (without the --) complains if it behaves differently from what ‘chmod a-w file’ would do.

The program accepts the following options. Also see Common options.

-c
--changes

Verbosely describe the action for each file whose permissions actually change.

--dereference

Do not act on symbolic links themselves but rather on what they point to. This is the default for command line arguments, but not for symbolic links encountered when recursing.

Combining this dereferencing option with the --recursive option may create a security risk: During the traversal of the directory tree, an attacker may be able to introduce a symlink to an arbitrary target; when the tool reaches that, the operation will be performed on the target of that symlink, possibly allowing the attacker to escalate privileges.

-h
--no-dereference

Act on symbolic links themselves instead of what they point to. On systems that do not support this, no diagnostic is issued, but see --verbose.

-f
--silent
--quiet

Do not print error messages about files whose permissions cannot be changed.

--preserve-root

Fail upon any attempt to recursively change the root directory, /. Without --recursive, this option has no effect. See Treating / specially.

--no-preserve-root

Cancel the effect of any preceding --preserve-root option. See Treating / specially.

-v
--verbose

Verbosely describe the action or non-action taken for every file.

--reference=ref_file

Change the mode of each file to be the same as that of ref_file. See File permissions. If ref_file is a symbolic link, do not use the mode of the symbolic link, but rather that of the file it refers to.

-R
--recursive

Recursively change permissions of directories and their contents.

-H

If --recursive (-R) is specified and a command line argument is a symbolic link to a directory, traverse it. This is the default if none of -H, -L, or -P is specified. See Traversing symlinks.

-L

In a recursive traversal, traverse every symbolic link to a directory that is encountered.

Combining this dereferencing option with the --recursive option may create a security risk: During the traversal of the directory tree, an attacker may be able to introduce a symlink to an arbitrary target; when the tool reaches that, the operation will be performed on the target of that symlink, possibly allowing the attacker to escalate privileges.

See Traversing symlinks.

-P

Do not traverse any symbolic links. See Traversing symlinks.

An exit status of zero indicates success, and a nonzero value indicates failure.

Examples:

# Change file permissions of FOO to be world readable
# and user writable, with no other permissions.
chmod 644 foo
chmod a=r,u+w foo

# Add user and group execute permissions to FILE.
chmod +110 file
chmod ug+x file

# Set file permissions of DIR and subsidiary files to
# be the umask default, assuming execute permissions for
# directories and for files already executable.
chmod -R a=,+rwX dir
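
The symlink handling described above (a symlink named on the command line is dereferenced, a symlink met during a recursive traversal is ignored by default) and the risk noted for --dereference and -L, as an added example that is not part of the coreutils manual. The helper names mode_of, escaping_symlinks and make_demo and all paths are constructed for illustration; GNU stat and readlink -f are assumed.

```shell
#!/bin/sh
# Added example, not from the coreutils manual. Every path is constructed
# under a throwaway mktemp directory; helper names are hypothetical.

# Octal mode of a file, following symlinks (assumes GNU stat).
mode_of() { stat -L -c '%a' "$1"; }

# List symlinks under tree $1 whose resolved target lies outside the tree:
# the entries that 'chmod -R' with -L or --dereference would act through.
# File names containing newlines are not handled.
escaping_symlinks() {
    root=$(readlink -f "$1") || return 1
    find "$root" -type l | while IFS= read -r link; do
        target=$(readlink -f "$link") || target='(unresolvable)'
        case "$target" in
            "$root"|"$root"/*) ;;   # resolves inside the tree
            *) printf '%s -> %s\n' "$link" "$target" ;;
        esac
    done
}

# Constructed layout: tree/data and outside/secret (both mode 600), plus
# tree/link, a symlink pointing out of the tree at outside/secret.
make_demo() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/tree" "$demo/outside"
    : > "$demo/tree/data"
    : > "$demo/outside/secret"
    chmod 600 "$demo/tree/data" "$demo/outside/secret"
    ln -s ../outside/secret "$demo/tree/link"
    printf '%s\n' "$demo"
}

demo=$(make_demo) || exit 1
chmod -R a+r "$demo/tree"     # default: symlink met while recursing is ignored
echo "chmod -R tree: data=$(mode_of "$demo/tree/data") secret=$(mode_of "$demo/outside/secret")"
chmod a+r "$demo/tree/link"   # symlink named on the command line: target changes
echo "chmod link:    secret=$(mode_of "$demo/outside/secret")"
escaping_symlinks "$demo/tree"
rm -rf "$demo"
```

The listing is a point-in-time check: a symlink created after it runs is not seen, so it does not make -L or --dereference safe in a tree that other users can write to.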