Open System Services Shell and Utilities Reference Manual (G06.29+, H06.08+, J06.03+)
User Commands (c) chmod(1)
ADMINISTRATOR group.
If chmod is invoked by a process whose effective user ID does not equal the super ID or file
owner, the set-user-ID and set-group-ID bits of the file mode (04000 and 02000, respectively) are
cleared.
Access Control Lists (ACLs)
When you execute the chmod command, you can change the effective permissions granted by
optional entries in the ACL for a file. In particular, using the chmod command to remove read,
write, and execute permissions from a file owner, owning group, and all others works as
expected, because the chmod command affects the class entry in the ACL, limiting any access
that can be granted to additional users or groups through optional ACL entries. To verify the
effect, use getacl command on the file after the chmod command completes and note that all
optional (nondefault) ACL entries with nonzero permissions also have the comment
# effective:---.
To set the permission bits of access control list entries, use the setacl command instead of the
chmod command.
ACLs are not supported for symbolic links.
Symbolic Mode
Symbolic mode has the form:
[who] operation permission[, operation permission ...]
The who argument specifies whether you are defining permissions for a user, group, or all others,
or any combination of these. The operation argument specifies whether the permission is being
added, removed, or assigned absolutely. The permission argument identifies the operation that
the specified users can perform on file.
Valid options for the who argument are as follows:
a User, group, and all others (same effect as the combination ugo)
g Group
o All others
u User (owner)
If the who argument is omitted, the default value is a, but the setting of the file creation
mask, umask (see the reference page for sh(1)), is applied.
Valid options for the operation argument are as follows:
- Removes specified permissions.
+ Adds specified permissions.
= Clears the selected permission field and sets it to the specified code. If you
do not specify a permission code following =, the chmod command removes
all permissions from the selected field.
Valid options for the permission argument are as follows:
r Read permission.
w Write permission.
527188-021 Hewlett-Packard Company 2−
73