Shell Command that Combines chmod and chgrp

Is there a combine variant for chmod and chgrp that sets both permissions and groups in one single system call for each file?

There is no such a variant because the two operations chmod(2) and chown(2) are implemented by distinct system calls.

Getting away with chmod and chown

You might be looking for such a variant of chmod and chown because of security issues. If this is the case, you can use the following strategy:

1. Strip mode flags to a very conservative set (possibly empty) on the target file.
2. Change owner and group of the target file.
3. Give the target file the desired mode flags.

This way you avoid potential security issues associated to successive calls to chmod and chown or to chown and chmod.

The install/open trick

The only system call setting mode flags and ownership information at the same time might be open(2). So, you could use a process impersonating the target owner opening the file with the appropriate mode. This is probably what install does, so if this is an option:

1. Rename the old file.
2. Copy the old file to the new file with the desired ownership and access mode information using the install command.
3. Delete the old file.

Doing this will break hard links, however. The solution based on chown and chmod does not have that issue.