mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-21 08:24:10 +01:00
ad34cace15
chmod, chflags, chgrp, chmod and chown now affect symlinks in -R mode as defined in symlink(7); previously symlinks were silently ignored. Differential Revision: https://reviews.freebsd.org/D2316 Reviewed by: jilles MFC after: 1 month Relnotes: yes Sponsored by: Multiplay
249 lines
6.4 KiB
Groff
249 lines
6.4 KiB
Groff
.\"-
|
|
.\" Copyright (c) 1989, 1990, 1993, 1994
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" This code is derived from software contributed to Berkeley by
|
|
.\" the Institute of Electrical and Electronics Engineers, Inc.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)chflags.1 8.4 (Berkeley) 5/2/95
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd April 20, 2015
|
|
.Dt CHFLAGS 1
|
|
.Os
|
|
.Sh NAME
|
|
.Nm chflags
|
|
.Nd change file flags
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Fl fhv
|
|
.Oo
|
|
.Fl R
|
|
.Op Fl H | Fl L | Fl P
|
|
.Oc
|
|
.Ar flags
|
|
.Ar
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm
|
|
utility modifies the file flags of the listed files
|
|
as specified by the
|
|
.Ar flags
|
|
operand.
|
|
.Pp
|
|
The options are as follows:
|
|
.Bl -tag -width indent
|
|
.It Fl f
|
|
Do not display a diagnostic message if
|
|
.Nm
|
|
could not modify the flags for
|
|
.Va file ,
|
|
nor modify the exit status to reflect such failures.
|
|
.It Fl H
|
|
If the
|
|
.Fl R
|
|
option is specified, symbolic links on the command line are followed
|
|
and hence unaffected by the command.
|
|
(Symbolic links encountered during traversal are not followed.)
|
|
.It Fl h
|
|
If the
|
|
.Ar file
|
|
is a symbolic link,
|
|
change the file flags of the link itself rather than the file to which it points.
|
|
.It Fl L
|
|
If the
|
|
.Fl R
|
|
option is specified, all symbolic links are followed.
|
|
.It Fl P
|
|
If the
|
|
.Fl R
|
|
option is specified, no symbolic links are followed.
|
|
This is the default.
|
|
.It Fl R
|
|
Change the file flags of the file hierarchies rooted in the files,
|
|
instead of just the files themselves.
|
|
Beware of unintentionally matching the
|
|
.Dq Pa ".."
|
|
hard link to the parent directory when using wildcards like
|
|
.Dq Li ".*" .
|
|
.It Fl v
|
|
Cause
|
|
.Nm
|
|
to be verbose, showing filenames as the flags are modified.
|
|
If the
|
|
.Fl v
|
|
option is specified more than once, the old and new flags of the file
|
|
will also be printed, in octal notation.
|
|
.El
|
|
.Pp
|
|
The flags are specified as an octal number or a comma separated list
|
|
of keywords.
|
|
The following keywords are currently defined:
|
|
.Bl -tag -offset indent -width ".Cm opaque"
|
|
.It Cm arch , archived
|
|
set the archived flag (super-user only)
|
|
.It Cm nodump
|
|
set the nodump flag (owner or super-user only)
|
|
.It Cm opaque
|
|
set the opaque flag (owner or super-user only)
|
|
.It Cm sappnd , sappend
|
|
set the system append-only flag (super-user only)
|
|
.It Cm schg , schange , simmutable
|
|
set the system immutable flag (super-user only)
|
|
.It Cm snapshot
|
|
set the snapshot flag (filesystems do not allow changing this flag)
|
|
.It Cm sunlnk , sunlink
|
|
set the system undeletable flag (super-user only)
|
|
.It Cm uappnd , uappend
|
|
set the user append-only flag (owner or super-user only)
|
|
.It Cm uarch , uarchive
|
|
set the archive flag (owner or super-user only)
|
|
.It Cm uchg , uchange , uimmutable
|
|
set the user immutable flag (owner or super-user only)
|
|
.It Cm uhidden , hidden
|
|
set the hidden file attribute (owner or super-user only)
|
|
.It Cm uoffline , offline
|
|
set the offline file attribute (owner or super-user only)
|
|
.It Cm urdonly , rdonly , readonly
|
|
set the DOS, Windows and CIFS readonly flag (owner or super-user only)
|
|
.It Cm usparse , sparse
|
|
set the sparse file attribute (owner or super-user only)
|
|
.It Cm usystem , system
|
|
set the DOS, Windows and CIFS system flag (owner or super-user only)
|
|
.It Cm ureparse , reparse
|
|
set the Windows reparse point file attribute (owner or super-user only)
|
|
.It Cm uunlnk , uunlink
|
|
set the user undeletable flag (owner or super-user only)
|
|
.El
|
|
.Pp
|
|
Putting the letters
|
|
.Dq Ar no
|
|
before or removing the letters
|
|
.Dq Ar no
|
|
from a keyword causes the flag to be cleared.
|
|
For example:
|
|
.Pp
|
|
.Bl -tag -offset indent -width "nouchg" -compact
|
|
.It Cm nouchg
|
|
clear the user immutable flag (owner or super-user only)
|
|
.It Cm dump
|
|
clear the nodump flag (owner or super-user only)
|
|
.El
|
|
.Pp
|
|
A few of the octal values include:
|
|
.Bl -tag -offset indent -width ".Li 10"
|
|
.It Li 0
|
|
Clear all file flags.
|
|
.It Li 1
|
|
Translates to the
|
|
.Cm nodump
|
|
keyword.
|
|
.It Li 2
|
|
Translates to the
|
|
.Cm uchg
|
|
keyword.
|
|
.It Li 3
|
|
Translates to the
|
|
.Cm uchg , nodump
|
|
keywords.
|
|
.It Li 4
|
|
Translates to the
|
|
.Cm uappnd
|
|
keyword.
|
|
.It Li 10
|
|
Translates to the
|
|
.Cm opaque
|
|
keyword.
|
|
.It Li 20
|
|
translates to the
|
|
.Cm uunlnk
|
|
keyword.
|
|
.El
|
|
.Pp
|
|
Other combinations of keywords may be placed by using
|
|
the octets assigned; however, these are the most notable.
|
|
.Pp
|
|
Unless the
|
|
.Fl H ,
|
|
.Fl L ,
|
|
or
|
|
.Fl h
|
|
options are given,
|
|
.Nm
|
|
on a symbolic link always succeeds and has no effect.
|
|
The
|
|
.Fl H ,
|
|
.Fl L
|
|
and
|
|
.Fl P
|
|
options are ignored unless the
|
|
.Fl R
|
|
option is specified.
|
|
In addition, these options override each other and the
|
|
command's actions are determined by the last one specified.
|
|
.Pp
|
|
You can use "ls -lo" to see the flags of existing files.
|
|
.Pp
|
|
Note that the ability to change certain flags is dependent
|
|
on the current kernel
|
|
.Va securelevel
|
|
setting.
|
|
See
|
|
.Xr security 7
|
|
for more information on this setting.
|
|
.Sh EXIT STATUS
|
|
.Ex -std
|
|
.Sh SEE ALSO
|
|
.Xr ls 1 ,
|
|
.Xr chflags 2 ,
|
|
.Xr stat 2 ,
|
|
.Xr fts 3 ,
|
|
.Xr security 7 ,
|
|
.Xr symlink 7
|
|
.Sh HISTORY
|
|
The
|
|
.Nm
|
|
command first appeared in
|
|
.Bx 4.4 .
|
|
.Sh BUGS
|
|
Only a limited number of utilities are
|
|
.Nm
|
|
aware.
|
|
Some of these tools include
|
|
.Xr ls 1 ,
|
|
.Xr cp 1 ,
|
|
.Xr find 1 ,
|
|
.Xr install 1 ,
|
|
.Xr dump 8 ,
|
|
and
|
|
.Xr restore 8 .
|
|
In particular a tool which is not currently
|
|
.Nm
|
|
aware is the
|
|
.Xr pax 1
|
|
utility.
|