(libc.info.gz) Setting Permissions

Info Catalog (libc.info.gz) Access Permission (libc.info.gz) File Attributes (libc.info.gz) Testing File Access
 
 14.9.7 Assigning File Permissions
 ---------------------------------
 
 The primitive functions for creating files (for example, 'open' or
 'mkdir') take a MODE argument, which specifies the file permissions to
 give the newly created file.  This mode is modified by the process's
 "file creation mask", or "umask", before it is used.
 
    The bits that are set in the file creation mask identify permissions
 that are always to be disabled for newly created files.  For example, if
 you set all the "other" access bits in the mask, then newly created
 files are not accessible at all to processes in the "other" category,
 even if the MODE argument passed to the create function would permit
 such access.  In other words, the file creation mask is the complement
 of the ordinary access permissions you want to grant.
 
    Programs that create files typically specify a MODE argument that
 includes all the permissions that make sense for the particular file.
 For an ordinary file, this is typically read and write permission for
 all classes of users.  These permissions are then restricted as
 specified by the individual user's own file creation mask.
 
    To change the permission of an existing file given its name, call
 'chmod'.  This function uses the specified permission bits and ignores
 the file creation mask.
 
    In normal use, the file creation mask is initialized by the user's
 login shell (using the 'umask' shell command), and inherited by all
 subprocesses.  Application programs normally don't need to worry about
 the file creation mask.  It will automatically do what it is supposed to
 do.
 
    When your program needs to create a file and bypass the umask for its
 access permissions, the easiest way to do this is to use 'fchmod' after
 opening the file, rather than changing the umask.  In fact, changing the
 umask is usually done only by shells.  They use the 'umask' function.
 
    The functions in this section are declared in 'sys/stat.h'.
 
  -- Function: mode_t umask (mode_t MASK)
      Preliminary: | MT-Safe | AS-Safe | AC-Safe |  POSIX Safety
      Concepts.
 
      The 'umask' function sets the file creation mask of the current
      process to MASK, and returns the previous value of the file
      creation mask.
 
      Here is an example showing how to read the mask with 'umask'
      without changing it permanently:
 
           mode_t
           read_umask (void)
           {
             mode_t mask = umask (0);
             umask (mask);
             return mask;
           }
 
      However, on GNU/Hurd systems it is better to use 'getumask' if you
      just want to read the mask value, because it is reentrant.
 
  -- Function: mode_t getumask (void)
      Preliminary: | MT-Safe | AS-Safe | AC-Safe |  POSIX Safety
      Concepts.
 
      Return the current value of the file creation mask for the current
      process.  This function is a GNU extension and is only available on
      GNU/Hurd systems.
 
  -- Function: int chmod (const char *FILENAME, mode_t MODE)
      Preliminary: | MT-Safe | AS-Safe | AC-Safe |  POSIX Safety
      Concepts.
 
      The 'chmod' function sets the access permission bits for the file
      named by FILENAME to MODE.
 
      If FILENAME is a symbolic link, 'chmod' changes the permissions of
      the file pointed to by the link, not those of the link itself.
 
      This function returns '0' if successful and '-1' if not.  In
      addition to the usual file name errors ( File Name Errors),
      the following 'errno' error conditions are defined for this
      function:
 
      'ENOENT'
           The named file doesn't exist.
 
      'EPERM'
           This process does not have permission to change the access
           permissions of this file.  Only the file's owner (as judged by
           the effective user ID of the process) or a privileged user can
           change them.
 
      'EROFS'
           The file resides on a read-only file system.
 
      'EFTYPE'
           MODE has the 'S_ISVTX' bit (the "sticky bit") set, and the
           named file is not a directory.  Some systems do not allow
           setting the sticky bit on non-directory files, and some do
           (and only some of those assign a useful meaning to the bit for
           non-directory files).
 
           You only get 'EFTYPE' on systems where the sticky bit has no
           useful meaning for non-directory files, so it is always safe
           to just clear the bit in MODE and call 'chmod' again.  
           Permission Bits, for full details on the sticky bit.
 
  -- Function: int fchmod (int FILEDES, mode_t MODE)
      Preliminary: | MT-Safe | AS-Safe | AC-Safe |  POSIX Safety
      Concepts.
 
      This is like 'chmod', except that it changes the permissions of the
      currently open file given by FILEDES.
 
      The return value from 'fchmod' is '0' on success and '-1' on
      failure.  The following 'errno' error codes are defined for this
      function:
 
      'EBADF'
           The FILEDES argument is not a valid file descriptor.
 
      'EINVAL'
           The FILEDES argument corresponds to a pipe or socket, or
           something else that doesn't really have access permissions.
 
      'EPERM'
           This process does not have permission to change the access
           permissions of this file.  Only the file's owner (as judged by
           the effective user ID of the process) or a privileged user can
           change them.
 
      'EROFS'
           The file resides on a read-only file system.
 
Info Catalog (libc.info.gz) Access Permission (libc.info.gz) File Attributes (libc.info.gz) Testing File Access
automatically generated by info2html