chown.2 (2010 09)
c
chown(2) chown(2)
NAME
chown(), fchown(), lchown() - change owner and group of a file
SYNOPSIS
#include <unistd.h>
int chown(const char *path, uid_t owner, gid_t group);
int lchown(const char *path, uid_t owner, gid_t group);
int fchown(int fildes, uid_t owner, gid_t group);
DESCRIPTION
The chown() system call changes the user and group ownership of a file. path points to the path name
of a file.
chown() sets the owner ID and group ID of the file to the numeric values contained in owner
and group respectively. A value of
UID_NO_CHANGE
or GID_NO_CHANGE
can be specified in owner or
group to leave unchanged the file’s owner ID or group ID, respectively. Note that owner and group should
be less than
UID_MAX (see limits (5)).
The group ownership of a file can be changed to any group in the current process’s access list or to the
real or effective group ID of the current process. If privilege groups are supported and the user has the
CHOWN privilege, the file can be given to any group.
If the path given to
chown() contains a symbolic link as the last element, this link is traversed and path
name resolution continues. chown() changes the owner and group of the symbolic link’s target, rather
than the owner and group of the link.
The
fchown() system call functions exactly like chown(), except that it operates on a file descriptor
instead of a path name. fildes is a file descriptor.
The
lchown() system call sets the owner ID and group ID of the named file just as
chown() does,
except in the case where the named file is a symbolic link. In this case,
lchown() changes the owner
and group of the symbolic link file itself.
Access Control Lists - HFS File Systems Only
A user can allow or deny specific individuals and groups access to a file by using the file’s access control
list (see acl (5)). When using
chown() in conjunction with HFS ACLs, if the new owner and/or group does
not have an optional ACL entry corresponding to user
.% and/or %.group in the file’s access control list,
the file’s access permission bits remain unchanged. However, if the new owner and/or group is already
designated by an optional ACL entry of user
.% and/or %.group,
chown() sets the file’s permission bits
(and the three basic ACL entries) to the permissions contained in that entry.
Access Control Lists - JFS File Systems Only
A user can allow or deny specific individuals and groups access to a file by using the file’s access control
list (see aclv (5)). When using
chown() in conjunction with JFS ACLs, if the new owner and/or group of
a file have optional ACL entries corresponding to
user:uid:perm and/or group:gid:perm in the file’s
access control list, those entries remain in the ACL but no longer have any effect, being superseded by the
file’s
user::perm and/or group::perm entries.
Security Restrictions
Only processes with an effective user ID equal to the file owner or a user with the
OWNER privilege can
change the ownership of a file. If privilege groups are supported, the owner of a file can change the own-
ership only as a member of a privilege group allowing CHOWN, as set up by the setprivgrp command
(see setprivgrp (1M)). All users get the CHOWN privilege by default.
When a process changes the ownership or group of a file, the file system may clear the set-user-ID and
set-group-ID bits.
See privileges (5) for more information about privileged access on systems that support fine-grained
privileges.
RETURN VALUE
chown() and fchown() return the following values:
0 Successful completion.
-1 Failure. The owner and group of the file remain unchanged. errno is set to indicate the
error.
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1