MacOS – How to see 6-digit file permissions

macospermissionunix

I have an application that complains about the permissions of its directory inside of /Applications. It wants to be set to 040775. I can fix it by running chmod 040775, but I do not understand what the first 2 digits mean. Just running chmod 775 does not work, so apparently these first 2 digits are wrong. What are these 2 digits, and how can I view them in macOS? I'm looking for something like ls -l. I'm running High Sierra.

Best Answer

The short answer is stat and ask for permissions field:

stat -f "%p" file

That application or instructions or memory is likely wrong. From the manual page, there are 4 digits in the octal representation for modes on macOS:

 Modes may be absolute or symbolic.  An absolute mode is an octal number
 constructed from the sum of one or more of the following values:

       4000    (the set-user-ID-on-execution bit) Executable files with
               this bit set will run with effective uid set to the uid of
               the file owner.  Directories with the set-user-id bit set
               will force all files and sub-directories created in them to
               be owned by the directory owner and not by the uid of the
               creating process, if the underlying file system supports
               this feature: see chmod(2) and the suiddir option to
               mount(8).
       2000    (the set-group-ID-on-execution bit) Executable files with
               this bit set will run with effective gid set to the gid of
               the file owner.
       1000    (the sticky bit) See chmod(2) and sticky(8).
       0400    Allow read by owner.
       0200    Allow write by owner.
       0100    For files, allow execution by owner.  For directories,
               allow the owner to search in the directory.
       0040    Allow read by group members.
       0020    Allow write by group members.
       0010    For files, allow execution by group members.  For directo-
               ries, allow group members to search in the directory.
       0004    Allow read by others.
       0002    Allow write by others.
       0001    For files, allow execution by others.  For directories
               allow others to search in the directory.

 For example, the absolute mode that permits read, write and execute by
 the owner, read and execute by group members, read and execute by others,
 and no set-uid or set-gid behaviour is 755 (400+200+100+040+010+004+001).

I've made a file conveniently named 040775 and applied permissions - you can see the 040 clears all sticky (as it’s 0775 part that matters), setUID, setGID bits so you get 0775 if you try to set 040775.

mac:foo me$ touch 040775
mac:foo me$ stat -f "%p" 040775 
100644
mac:foo me$ chmod 040775 040775
mac:foo me$ stat -f "%p" 040775 
100775
mac:foo me$ chmod 4775 040775 
mac:foo me$ ls -l
-rwsrwxr-x  1 me  wheel  0 May 10 20:30 040775
mac:foo me$ chmod 040775 040775
mac:foo me$ ls -l
-rwxrwxr-x  1 me  wheel  0 May 10 20:30 040775

I've edited the above a bit and didn't do all the stat and ls but it should help you poke around at existing files and test out whether my experience that only the last 4 digits are interpreted as an octal bit mask to set permissions as documented in the chmod man page.