How to change ownership of files and directories in Linux

In Linux, every file and folder is assigned to a specific user and group. The ownership of these items controls who has the rights to read, modify, or execute them. In certain cases, it may be necessary to change the ownership of files and folders, particularly in environments where multiple users need to share or manage resources.

The primary tools for managing ownership are the chown and chgrp commands. These commands allow you to change the owner or group associated with a file or directory. These tools are part of every Linux and Unix-based system, including macOS and BSD. The chown command changes both the user and group ownership, while chgrp focuses solely on group ownership.

To modify ownership, administrative privileges are required. Improper changes can restrict access to files or introduce security risks. When performing ownership changes, especially with recursive options, it's important to verify the changes to prevent accidental access issues or permission problems.

1. Open the terminal in your Linux system.
2. List the users in the system.

   $ getent passwd
   root:x:0:0:root:/root:/bin/bash
   daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
   bin:x:2:2:bin:/bin:/usr/sbin/nologin
   sys:x:3:3:sys:/dev:/usr/sbin/nologin
   sync:x:4:65534:sync:/bin:/bin/sync
   games:x:5:60:games:/usr/games:/usr/sbin/nologin
   man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
   lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
   mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
   news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
   uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
   proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
   www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
   backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
   list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
   irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
   gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
   nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
   systemd-timesync:x:100:101:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin
   systemd-network:x:101:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
   systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
   messagebus:x:103:106::/nonexistent:/usr/sbin/nologin
   syslog:x:104:110::/home/syslog:/usr/sbin/nologin
   _apt:x:105:65534::/nonexistent:/usr/sbin/nologin
   tss:x:106:111:TPM software stack,,,:/var/lib/tpm:/bin/false
   uuidd:x:107:114::/run/uuidd:/usr/sbin/nologin
   tcpdump:x:108:115::/nonexistent:/usr/sbin/nologin
   avahi-autoipd:x:109:117:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/usr/sbin/nologin
   usbmux:x:110:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin
   rtkit:x:111:118:RealtimeKit,,,:/proc:/usr/sbin/nologin
   dnsmasq:x:112:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin
   avahi:x:113:120:Avahi mDNS daemon,,,:/run/avahi-daemon:/usr/sbin/nologin
   cups-pk-helper:x:114:121:user for cups-pk-helper service,,,:/home/cups-pk-helper:/usr/sbin/nologin
   speech-dispatcher:x:115:29:Speech Dispatcher,,,:/run/speech-dispatcher:/bin/false
   kernoops:x:116:65534:Kernel Oops Tracking Daemon,,,:/:/usr/sbin/nologin
   saned:x:117:123::/var/lib/saned:/usr/sbin/nologin
   nm-openvpn:x:118:124:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin
   whoopsie:x:119:125::/nonexistent:/bin/false
   colord:x:120:126:colord colour management daemon,,,:/var/lib/colord:/usr/sbin/nologin
   sssd:x:121:127:SSSD system user,,,:/var/lib/sss:/usr/sbin/nologin
   geoclue:x:122:128::/var/lib/geoclue:/usr/sbin/nologin
   pulse:x:123:129:PulseAudio daemon,,,:/var/run/pulse:/usr/sbin/nologin
   hplip:x:124:7:HPLIP system user,,,:/run/hplip:/bin/false
   gnome-initial-setup:x:125:65534::/run/gnome-initial-setup/:/bin/false
   gdm:x:126:131:Gnome Display Manager:/var/lib/gdm3:/bin/false
   user:x:1000:1000:user,,,:/home/user:/bin/bash
   systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
   sshd:x:127:65534::/run/sshd:/usr/sbin/nologin
   shakir:x:1001:1001:shakir,,,:/home/shakir:/bin/bash

   This command will display all users and their associated user IDs.

3. List the available groups in the system.

   $ getent group
   root:x:0:
   daemon:x:1:
   bin:x:2:
   sys:x:3:
   adm:x:4:syslog,user
   tty:x:5:
   disk:x:6:
   lp:x:7:
   mail:x:8:
   news:x:9:
   uucp:x:10:
   man:x:12:
   proxy:x:13:
   kmem:x:15:
   dialout:x:20:
   fax:x:21:
   voice:x:22:
   cdrom:x:24:user
   floppy:x:25:
   tape:x:26:
   sudo:x:27:user,shakir
   audio:x:29:pulse
   dip:x:30:user
   www-data:x:33:
   backup:x:34:
   operator:x:37:
   list:x:38:
   irc:x:39:
   src:x:40:
   gnats:x:41:
   shadow:x:42:
   utmp:x:43:
   video:x:44:
   sasl:x:45:
   plugdev:x:46:user
   staff:x:50:
   games:x:60:
   users:x:100:
   nogroup:x:65534:
   systemd-timesync:x:101:
   systemd-journal:x:102:
   systemd-network:x:103:
   systemd-resolve:x:104:
   crontab:x:105:
   messagebus:x:106:
   input:x:107:
   kvm:x:108:
   render:x:109:
   syslog:x:110:
   tss:x:111:
   bluetooth:x:112:
   ssl-cert:x:113:
   uuidd:x:114:
   tcpdump:x:115:
   ssh:x:116:
   avahi-autoipd:x:117:
   rtkit:x:118:
   netdev:x:119:
   avahi:x:120:
   lpadmin:x:121:user
   scanner:x:122:saned
   saned:x:123:
   nm-openvpn:x:124:
   whoopsie:x:125:
   colord:x:126:
   sssd:x:127:
   geoclue:x:128:
   pulse:x:129:
   pulse-access:x:130:
   gdm:x:131:
   lxd:x:132:user
   user:x:1000:
   sambashare:x:133:user
   systemd-coredump:x:999:
   shakir:x:1001:

   This command shows all the groups and their group IDs.

4. Check the current ownership of a file or directory.

   $ stat -c "%U:%G" /var/www/html/index.html
   root:root

5. Change the owner of a file or folder.

   $ sudo chown www-data /var/www/html/index.html

6. Verify the current owner and group of the file.

   $ stat -c "%U:%G" /var/www/html/index.html
   www-data:root

7. Change the group of a file or folder.

   $ sudo chgrp www-data /var/www/html/index.html

8. Change both the owner and group simultaneously.

   $ sudo chown www-data:www-data /var/www/html/

9. Change the owner and group using a wildcard.

   $ sudo chown www-data:www-data /var/www/html/*

10. Change ownership recursively for all files and directories within a directory.

    $ sudo chown -R www-data:www-data /var/www/html/*

11. Verify the new ownership of the file or directory.

    $ ls -l /var/www/html/
    total 20
    drwxr-xr-x 2 www-data www-data  4096 Jan  24 09:58 css
    -rw-r--r-- 1 www-data www-data 10918 Jan  23 19:57 index.html
    drwxr-xr-x 2 www-data www-data  4096 Jan  24 09:57 js