How to change ownership of files and directories in Linux

Changing ownership of files and directories in Linux controls who can read, modify, or execute data on a system. Correct ownership keeps application data under the right service accounts, isolates user home directories, and prevents accidental access to sensitive files. Adjusting ownership becomes essential after restoring backups, migrating data, or copying files as root.

In Linux, each filesystem object has a user owner and a group owner, represented as user:group and backed by numeric user IDs (UIDs) and group IDs (GIDs). Commands such as chown and chgrp modify these fields, allowing ownership changes for individual paths, whole directory trees, or patterns like wildcards. Tools such as stat and ls -l reveal current ownership so changes can be planned and verified.

Ownership changes typically require administrative privileges through sudo or a root shell, because taking control of files can expose or deny access to others. Recursive operations against system directories can break services or lock users out if applied to the wrong path, so verifying targets before running a command is critical. Limiting changes to application data paths, such as /var/www or /srv, reduces the risk of impacting core system files.

1. Open a terminal on a Linux system with an account that has sudo access.
2. Display existing users to identify the correct owner account.

   $ getent passwd | grep -E '^(root|daemon|appuser):'
   root:x:0:0:root:/root:/bin/bash
   daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
   appuser:x:1002:1002::/home/appuser:/bin/bash

   The getent command queries the system user database so the correct owner account can be selected.

3. Display existing groups to find the appropriate group for the files.

   $ getent group | grep -E '^(root|sudo|ops):'
   root:x:0:
   sudo:x:27:user
   ops:x:1003:

   Group entries determine which group should own shared resources, such as ops for team-owned content.

4. Check the current ownership of a specific file or directory.

   $ stat -c "%U:%G" /root/sg-work/owner-demo/owned.txt
   root:root

   The stat utility prints ownership in user:group format for the given path.

5. Change the owner of a file while keeping the existing group.

   $ sudo chown appuser /root/sg-work/owner-demo/owned.txt

   Supplying only a user name to chown updates the file owner and leaves the group unchanged.

6. Verify the updated owner and group of the file.

   $ stat -c "%U:%G" /root/sg-work/owner-demo/owned.txt
   appuser:root

7. Change only the group of a file or directory.

   $ sudo chgrp ops /root/sg-work/owner-demo/owned.txt

   The chgrp command targets just the group field, which is useful when group membership changes but user ownership should remain.

8. Change both the owner and group of a directory itself.

   $ sudo chown appuser:ops /root/sg-work/owner-demo/

   Providing user:group to chown updates both ownership fields for the specified path without affecting its contents.

9. Change both owner and group for all items directly inside a directory.

   $ sudo chown appuser:ops /root/sg-work/owner-demo/*

   A wildcard pattern applies ownership changes to the immediate contents of /root/sg-work/owner-demo but does not recurse into nested subdirectories.

10. Change ownership recursively for all files and subdirectories under a path.

    $ sudo chown --recursive appuser:ops /root/sg-work/owner-demo

    Running a recursive ownership change on an incorrect path, such as / or /etc, can break services or expose sensitive data; the directory path should be double-checked before using this command.

11. Confirm the new ownership for the directory and its contents.

    $ ls -l /root/sg-work/owner-demo
    total 8
    drwxr-xr-x 2 appuser ops 4096 Jan 10 12:16 docs
    -rw-r--r-- 1 appuser ops    6 Jan 10 12:16 owned.txt