The FILE_CHMOD procedure allows you to change the current access permissions (sometimes known as modes on UNIX platforms) associated with a file or directory. File modes are specified using the standard Posix convention of three protection classes (user, group, other), each containing three attributes (read, write, execute). These permissions can be specified as an octal bitmask in which desired permissions have their associated bit set and unwanted ones have their bits cleared. This is the same format familiar to users of the UNIX chmod(1) command).
Keywords are available to specify permissions without the requirement to specify a bitmask, providing a simpler way to handle many situations. All of the keywords share a similar behavior: Setting them to a non-zero value adds the specified permission to the Mode argument. Setting the keyword to 0 removes that permission.
To find the current protection settings for a given file, you can use the GET_MODE keyword to the FILE_TEST function.
Examples
In the first example, we make the file moose.dat read only to everyone except the owner of the file, but not change any other settings:
FILE_CHMOD, 'moose.dat', /U_WRITE, G_WRITE=0, O_WRITE=0
In the next example, we make the file readable and writable to the owner and group, but read-only to anyone else, and remove any other modes:
FILE_CHMOD, 'moose.dat', '664'o
Note: To find the current protection settings for a given file, you can use the GET_MODE keyword to the FILE_TEST function.
Syntax
FILE_CHMOD, File [, Mode] [, /A_EXECUTE |, /A_READ |, /A_WRITE] [, /G_EXECUTE | /G_READ | , /G_WRITE] [, /NOEXPAND_PATH] [, /O_EXECUTE | /O_READ | , /O_WRITE] [, /U_EXECUTE | /U_READ | , /U_WRITE]
UNIX-Only Keywords: [, /SETGID] [, /SETUID] [, /STICKY_BIT]
Arguments
File
A scalar or array of file or directory names for which protection modes will be changed.
Mode
An optional bit mask specifying the absolute protection settings to be applied to the files. If Mode is not supplied, FILE_CHMOD looks up the current modes for the file and uses it instead. Any additional modes specified via keywords are applied relative to the value in Mode. Setting a keyword adds the necessary mode bits to Mode, and clearing it by explicitly setting a keyword to 0 removes those bits from Mode.
The values of the bits in these masks correspond to those used by the UNIX chmod(2) system call and chmod(1) user command, and are given in the following table. Since these bits are usually manipulated in groups of three, octal notation is commonly used when referring to them. When constructing a mode, the following platform specific considerations should be kept in mind:
- The setuid, setgid, and sticky bits are specific to the UNIX operating system, and have no meaning elsewhere. FILE_CHMOD ignores them on non-UNIX systems. The UNIX kernel may quietly refuse to set the sticky bit if you are not the root user. Consult the chmod(2) man page for details.
- The Microsoft Windows operating system does not have 3 permission classes like UNIX does. Therefore, setting for all three classes are combined into a single request.
- The Microsoft Windows operating system always allows read access to any files visible to a program. FILE_CHMOD therefore ignores any requests to remove read access.
- The Microsoft Windows operating system does not maintain an execute bit for files, but instead uses the file suffix to decide if a file is executable. FILE_CHMOD cannot change the execution status of a file in the Windows environment; such requests are quietly ignored.
|
Bit |
Octal Mask |
Meaning |
|
12 |
'4000'o
|
Setuid: Set user ID on execution.
|
|
11 |
'2000'o
|
Setgid: Set group ID on execution.
|
|
10 |
'1000'o
|
Turn on sticky bit. See the UNIX documentation on chmod(2) for details.
|
|
9 |
'0400'o
|
Allow read by owner.
|
|
8 |
'0200'o
|
Allow write by owner.
|
|
7 |
'0100'o
|
Allow execute by owner.
|
|
6 |
'0040'o
|
Allow read by group.
|
|
5 |
'0020'o
|
Allow write by group.
|
|
4 |
'0010'o
|
Allow execute by group.
|
|
3 |
'0004'o
|
Allow read by others.
|
|
2 |
'0002'o
|
Allow write by others.
|
|
1 |
'0001'o
|
Allow execute by others.
|
Keywords
A_EXECUTE
Execute access for all three (user, group, other) categories.
A_READ
Read access for all three (user, group, other) categories.
A_WRITE
Write access for all three (user, group, other) categories.
G_EXECUTE
Execute access for the group category.
G_READ
Read access for the group category.
G_WRITE
Write access for the group category.
NOEXPAND_PATH
Set this keyword to cause FILE_CHMOD to use the File argument exactly as specified, without applying the usual file path expansion.
O_EXECUTE
Execute access for the other category.
O_READ
Read access for the other category.
O_WRITE
Write access for the other category.
SETGID
This keyword is only available on UNIX platforms.
The Set Group ID bit.
SETUID
This keyword is only available on UNIX platforms.
The Set User ID bit.
STICKY_BIT
This keyword is only available on UNIX platforms.
Sets the sticky bit.
U_EXECUTE
Execute access for the user category.
U_READ
Read access for the user category.
U_WRITE
Write access for the user category.
Version History
See Also