In Linux, every file and folder is assigned to a specific user and group. The ownership of these items controls who has the rights to read, modify, or execute them. In certain cases, it may be necessary to change the ownership of files and folders, particularly in environments where multiple users need to share or manage resources.
The primary tools for managing ownership are the chown and chgrp commands. These commands allow you to change the owner or group associated with a file or directory. These tools are part of every Linux and Unix-based system, including macOS and BSD. The chown command changes both the user and group ownership, while chgrp focuses solely on group ownership.
To modify ownership, administrative privileges are required. Improper changes can restrict access to files or introduce security risks. When performing ownership changes, especially with recursive options, it's important to verify the changes to prevent accidental access issues or permission problems.
Steps to change ownership of files and directories in Linux:
- Open the terminal in your Linux system.
- List the users in the system.
$ getent passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin mail:x:8:8:mail:/var/mail:/usr/sbin/nologin news:x:9:9:news:/var/spool/news:/usr/sbin/nologin uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin proxy:x:13:13:proxy:/bin:/usr/sbin/nologin www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin systemd-timesync:x:100:101:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin systemd-network:x:101:103:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin systemd-resolve:x:102:104:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin messagebus:x:103:106::/nonexistent:/usr/sbin/nologin syslog:x:104:110::/home/syslog:/usr/sbin/nologin _apt:x:105:65534::/nonexistent:/usr/sbin/nologin tss:x:106:111:TPM software stack,,,:/var/lib/tpm:/bin/false uuidd:x:107:114::/run/uuidd:/usr/sbin/nologin tcpdump:x:108:115::/nonexistent:/usr/sbin/nologin avahi-autoipd:x:109:117:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/usr/sbin/nologin usbmux:x:110:46:usbmux daemon,,,:/var/lib/usbmux:/usr/sbin/nologin rtkit:x:111:118:RealtimeKit,,,:/proc:/usr/sbin/nologin dnsmasq:x:112:65534:dnsmasq,,,:/var/lib/misc:/usr/sbin/nologin avahi:x:113:120:Avahi mDNS daemon,,,:/run/avahi-daemon:/usr/sbin/nologin cups-pk-helper:x:114:121:user for cups-pk-helper service,,,:/home/cups-pk-helper:/usr/sbin/nologin speech-dispatcher:x:115:29:Speech Dispatcher,,,:/run/speech-dispatcher:/bin/false kernoops:x:116:65534:Kernel Oops Tracking Daemon,,,:/:/usr/sbin/nologin saned:x:117:123::/var/lib/saned:/usr/sbin/nologin nm-openvpn:x:118:124:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin whoopsie:x:119:125::/nonexistent:/bin/false colord:x:120:126:colord colour management daemon,,,:/var/lib/colord:/usr/sbin/nologin sssd:x:121:127:SSSD system user,,,:/var/lib/sss:/usr/sbin/nologin geoclue:x:122:128::/var/lib/geoclue:/usr/sbin/nologin pulse:x:123:129:PulseAudio daemon,,,:/var/run/pulse:/usr/sbin/nologin hplip:x:124:7:HPLIP system user,,,:/run/hplip:/bin/false gnome-initial-setup:x:125:65534::/run/gnome-initial-setup/:/bin/false gdm:x:126:131:Gnome Display Manager:/var/lib/gdm3:/bin/false user:x:1000:1000:user,,,:/home/user:/bin/bash systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin sshd:x:127:65534::/run/sshd:/usr/sbin/nologin shakir:x:1001:1001:shakir,,,:/home/shakir:/bin/bash
This command will display all users and their associated user IDs.
- List the available groups in the system.
$ getent group root:x:0: daemon:x:1: bin:x:2: sys:x:3: adm:x:4:syslog,user tty:x:5: disk:x:6: lp:x:7: mail:x:8: news:x:9: uucp:x:10: man:x:12: proxy:x:13: kmem:x:15: dialout:x:20: fax:x:21: voice:x:22: cdrom:x:24:user floppy:x:25: tape:x:26: sudo:x:27:user,shakir audio:x:29:pulse dip:x:30:user www-data:x:33: backup:x:34: operator:x:37: list:x:38: irc:x:39: src:x:40: gnats:x:41: shadow:x:42: utmp:x:43: video:x:44: sasl:x:45: plugdev:x:46:user staff:x:50: games:x:60: users:x:100: nogroup:x:65534: systemd-timesync:x:101: systemd-journal:x:102: systemd-network:x:103: systemd-resolve:x:104: crontab:x:105: messagebus:x:106: input:x:107: kvm:x:108: render:x:109: syslog:x:110: tss:x:111: bluetooth:x:112: ssl-cert:x:113: uuidd:x:114: tcpdump:x:115: ssh:x:116: avahi-autoipd:x:117: rtkit:x:118: netdev:x:119: avahi:x:120: lpadmin:x:121:user scanner:x:122:saned saned:x:123: nm-openvpn:x:124: whoopsie:x:125: colord:x:126: sssd:x:127: geoclue:x:128: pulse:x:129: pulse-access:x:130: gdm:x:131: lxd:x:132:user user:x:1000: sambashare:x:133:user systemd-coredump:x:999: shakir:x:1001:
This command shows all the groups and their group IDs.
- Check the current ownership of a file or directory.
$ stat -c "%U:%G" /var/www/html/index.html root:root
- Change the owner of a file or folder.
$ sudo chown www-data /var/www/html/index.html
- Verify the current owner and group of the file.
$ stat -c "%U:%G" /var/www/html/index.html www-data:root
- Change the group of a file or folder.
$ sudo chgrp www-data /var/www/html/index.html
- Change both the owner and group simultaneously.
$ sudo chown www-data:www-data /var/www/html/
- Change the owner and group using a wildcard.
$ sudo chown www-data:www-data /var/www/html/*
- Change ownership recursively for all files and directories within a directory.
$ sudo chown -R www-data:www-data /var/www/html/*
- Verify the new ownership of the file or directory.
$ ls -l /var/www/html/ total 20 drwxr-xr-x 2 www-data www-data 4096 Jan 24 09:58 css -rw-r--r-- 1 www-data www-data 10918 Jan 23 19:57 index.html drwxr-xr-x 2 www-data www-data 4096 Jan 24 09:57 js
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.
Comment anonymously. Login not required.