Linux chown command

Updated: 11/10/2017 by Computer Hope

About chown

The chown command changes ownership of files and directories in a Linux filesystem.

What is file "ownership"?

Linux is designed to support a large number of users. Because of this, it needs to keep careful track of who is allowed to access a file, and how they can access it. These access rules are called permissions.

There are three major types of file permissions:

  • User permissions. These permissions apply to a single user who has special access to the file. This user is called the owner.
  • Group permissions. These apply to a single group of users who have access to the file. This group is the owning group.
  • Other permissions. These apply to every other user on the system. These users are known as others, or the world.

When a file is created, its owner is the user who created it, and the owning group is the user's current group.

chown can change these values to something else.

Syntax

chown [-c|--changes] [-v|--verbose] [-f|--silent|--quiet] [--dereference]
      [-h|--no-dereference] [--preserve-root]
      [--from=currentowner:currentgroup] [--no-preserve-root]
      [-R|--recursive] [--preserve-root] [-H] [-L] [-P]
      {new-owner|--reference=ref-file} file ...
chown --help
chown --version

Specifying the new owner

New ownership of file is specified by the argument new-owner, which takes this general form:

[user[:group]]

Specifically, there are five ways to format new-owner:

new-owner form Description
user The name of the user to own the file. In this form, the colon (":") and the group is omitted. The owning group is not altered.
user:group The user and group to own the file, separated by a colon, with no spaces in between.
:group The group to own the file. In this form, user is omitted, and the group must be preceded by a colon.
user: If group is omitted, but a colon follows user, the owner is changed to user, and the owning group is changed to the login group of user.
: Specifying a colon with no user or group is accepted, but ownership will not be changed. This form does not cause an error, but changes nothing.

Notes on usage

  • user and group can be specified by name or by number.
  • Only root can change the owner of a group. The owner cannot transfer ownership of a file, unless the owner is root, or uses sudo.
  • The owning group of a file can be changed by the file's owner, if the owner belongs to that group. The owning group of a file can be changed by root to any group. Members of the owning group other than the owner cannot change a file's owning group.
  • The owning group can also be changed using the dedicated chgrp command. It uses the same system call, so they are functionally identical.
  • Certain miscellaneous file operations can be performed only by the owner or root. For instance, only the owner or root can manually change a file's atime or mtime (access time or modification time) using the touch command.
  • Because of these restrictions, you will almost always want to run chown as root, for instance by prefixing it with sudo. If you don't have root access on the system, you can only use chroot for a very limited number of operations.

Options

Option Description
-c,
--changes
Similar to --verbose mode, but only displays information about files that are actually changed. For example:

changed ownership of 'dir/dir1/file1' from hope:neil to hope:hope
-v,
--verbose
Display verbose information for every file processed. For example:

changed ownership of 'dir/dir1/file1' from hope:neil to hope:hope
ownership of 'dir/dir1' retained as hope:hope
-f,
--silent,
--quiet
Quiet mode. Do not display output such as error messages.
--dereference Dereference all symbolic links. If file is a symlink, change the owner of the referenced file, not the symlink itself. This is the default behavior.
-h,
--no-dereference
Never dereference symbolic links. If file is a symlink, change the owner of the symlink rather than the referenced file. (This option only has an effect if your operating system allows you to change the ownership of a symlink.)
--from=currentowner:currentgroup Change the owner or group of each file only if its current owner or group match currentowner and/or currentgroup. Either may be omitted, in which case a match is not required for the other attribute.
--no-preserve-root Do not treat / (the root directory) in any special way. This is the default behavior. If the --preserve-root opion is previously specified in the command, this option will cancel it.
--reference=ref-file Use the owner and group of file ref-file, rather than specifying ownership with new-owner.
-R,
--recursive
Operate on files and directories recursively.

Recursive options

The following options modify how a hierarchy is traversed when the -R or --recursive option is specified.

Option Description
--preserve-root Never operate recursively on the root directory /.

If --recursive is not specified, this option has no effect.
-H If a file specified on the command line is a symbolic links to a directory, traverse it and operate on those files and directories as well.
-L Traverse all symbolic links to a directories.
-P Do not traverse any symbolic links; operate on the symlinks themselves. This is the default behavior.

If more than one of -H, -L, or -P is specified, only the final one takes effect.

Other options

These options display information about the program, and cannot be used with other options or arguments.

Option Description
--help Display a brief help message and exit.
--version Display version information and exit.

Exit status

tail exits with a status of 0 for success. Any other number indicates that the command failed.

Why change a file's ownership?

You should use chown when you want a file's user or group permissions to apply to a different user or group.

Hypothetical scenarios

Here are some examples of when you might use chown:

  • You create a file, myfile.txt, using sudo or while logged in as root, so the file is owned by root. However, you intend the file to be used by your regular user account, myuser.

    Use chown to change the owner:
sudo chown myuser myfile.txt
  • You own myfile.txt, but you want to give it to another user on the system named notme. You also want to change the owning group to that user's group, notmygroup.

    Use chown to change the owner and group:
sudo chown notme:notmygroup myfile.txt
  • You just transferred an entire directory of files, otherfiles, from another computer. All the files and directories are owned by your username on the other system, and you want your current user and group to own them all.

    Change the ownership of the directory and all its contents recursively, with the -R option:
sudo chown -R myuser:mygroup otherfiles

When you specify recursive mode, and chown operates on a directory, it will also operate on on everything inside it. So the previous command will change the ownership of every file and subdirectory in otherfiles.

Groups in Linux

In Linux, a user can be a member of multiple groups, but it has only one "current group". The user's current group is the user's group identity, or GID.

When the user creates a new file, the file's ownership is set to the user's UID (user identity) and GID (group identity). So when user carla starts writing a new text document, the file is owned by carla, and also by her current group. She can change the group ownership with chown, but only root can use chown to change the owner to someone else.

In addition, each user has a configurable login group, which can be any of the groups that the user belongs to. So when carla logs in, this is their current group. The login group can be changed with the usermod command's -G option.

If a user wants to change its current group, it can use the newgrp command. This change lasts until logout. For instance, even if carla changes her current group with newgrp, it will be reset to her login group the next time she logs in.

You can check your current group using the id command with the -g option:

id -g
1001

This is your numeric GID (the number of your current group). To see the name, specify the -n option:

id -ng
hope

To view all of your group memberships, use a capital G:

id -nG
hope sudo neil libvirtd vboxusers usergroup

By default, every Linux user has a private group, with that user as the only member. So, when user jeff is created, a group named jeff is also greated; jeff is jeff's default login group; and group jeff has only one member.

Groups in other operating systems

Other operating systems use chown, but their groups may function differently.

In macOS X and BSD, for example, users don't have private groups. Instead, all regular users belong to a general user group called users.

In these operating systems, the options and functionality of chown may be similar, but different. If you're using chown on a non-Linux operating system, make sure to run man chown to learn what the differences are.

Examples

Viewing ownership

Viewing ownership

Before you use chown, you may want to check the current ownership of a file. You can view a file's ownership, permissions, and other important information with the ls command, using the -l option:

ls -l myscript.sh
-rwxrw-r-- 1 hope hopeusers 12 Nov  5 13:14 myscript.sh

In the output, you see several fields of information listed, including the permissions and ownership of the file. It might not make sense at first, so let's describe it in detail.

Here's what the information means:

Data Field position Description
- Field 1, character 1 File type: d for a directory, l (lowercase L) for a symbolic link, or - (a dash) for a regular file.
rwx Field 1, characters 2-4 User permissions. The owner can read ("r"), write to ("w"), and execute ("x") this file.
rw- Field 1, characters 5-7 Group permissions. The owning group can read and write to this file, but cannot execute it as a command.
r-- Field 1, characters 8-10 Others permissions, also known as "world" permissions. Any other user on the system is allowed to read the file only.
1 Field 2 Number of symbolic links to this file. If there are no symbolic links to the file, this number is 1, because the original file name is included in this count. If there were one symbolic link to the file, this number would be 2, or 3 for two symbolic links, etc.
hope Field 3 Name of owner. This is the name of the user who owns the file. When this user tries to access the file, access is restricted according to the user permissions.
hopeusers Field 4 Name of owning group. This is the user group who owns the file. When a user who is a member of this group tries to access the file, access is restricted according to the group permissions.
12 Field 5 Size. This file contains 12 bytes of data.
Nov Field 6 Mtime (month). Abbreviated name of the month when the file's contents were last modified. This file was last modified in the month of November.
5 Field 7 Mtime (day of month). This file was last modified on the fifth day of November.
13:14 Field 8 Mtime (time, or year). This file was last modified at 13:14 (1:34 P.M.) on November 5 of this year. If it was modified over a year ago, this field would list the year instead, for instance 2015.
myscript.sh Field 9 File name. The name of the file.

So the important fields here are 1, 3 and 4. They tell us that that user user hope can read, write, or execute> the file's contents; and members of group hopeusers can read or write them.

Changing ownership

The following are some uses of chown, and an explanation of what they do.

sudo chown hope file.txt

Change the owner of file.txt to user hope.

sudo chown hope file1 file2 file3

Change the owner of file1, file2, and file3 to user hope.

sudo chown hope file*

Here, the asterisk ("*") is a wildcard which the shell expands to a list of every file whose name begins with "file". So, if the current directory contains four files named file1, file2, file3, and file4, all of those file names are passed to the chown command, and their owner is changed to user hope.

sudo chown hope myfiles

Change the owner of myfiles to user hope.

sudo chown -R hope myfiles

Change the owner of myfiles to user hope. If myfiles is a directory, chown will recursively (-R) search that directory, and change the owner of everything it contains. Because the search is recursive, subdirectories will also be searched, and their files recursively changed.

sudo chown hope:admins file1 file2

Change the owner of file1 and file2 to user hope, and the owning group to group admins.

sudo chown hope: file1

Change the owner of file1 to user hope, and the owning group to hope's login group.

chown :othergroup file2

Change the owning group of file2 to the group othergroup. Notice that this is the only command in these examples which may be run without sudo.

If user hope runs the previous command but does not belong to group othergroup, the command will fail, unless it is run by root or with sudo.

sudo chown 1000:1001 file1

Change the ownership of file1 to the user with numeric UID 1000, and the group with the numeric GID 1001.

sudo chown +1000:+1001 file1

Same as the previous command. If user hope is UID 1000, and another user is named "1000" but has UID 1002, this command form (with the "+" signs) unambiguously changes the owner to hope.

sudo chown -R hope:hope Documents

Recursively change the ownership of the directory Documents, and all files and subdirectories it contains, to user hope and group hope.

sudo chown -Rc --reference /home/hope/inbox ~/work

Recursively change the ownership of the directory ~/files/work, and all files and subdirectories, to match the ownership of the file or directory /home/hope/inbox. Here, ~ (a tilde) is an alias in bash which represents your home directory. Your home directory can also be represented by the environment variable $HOME, as in $HOME/files/work.

In addition, any files whose ownership is changed (-c option) will be printed to standard output:

changed ownership of 'dir/file2' from neil:neil to hope:hope
changed ownership of 'dir/dir1/file1' from susie:susie to hope:hope
changed ownership of 'dir/dir1' from judy:judy to hope:hope
changed ownership of 'dir/dir2/file2' from jeff:jeff to hope:hope
changed ownership of 'dir/dir2' from carla:carla to hope:hope
changed ownership of 'dir/file1' from steve:steve to hope:hope
changed ownership of 'dir' from grace:grace to hope:hope

chgrp — Change the group ownership of files or directories.
chmod — Change the permissions of files or directories.
ls — List the contents of a directory or directories.
id — Display group IDs.
usermod — Modify a user's account settings.