Files and directories in Linux systems belong to everyone. You can change their ownership with chowncommand. We will show you how.
Each file belongs to a user and a group
Linux is a multipurpose system. The operating system makes it possible to define several user accounts and for any valid user to log in to the computer. In addition, multiple users can use a single computer at the same time.
To keep track of which files belong to which user and to enforce some security, Linux uses the term ownership. Each file belongs to an owner - a user - and to a group.
When a file is created, the owner is the user who created it. The group to which the file belongs - the "own" group - is the user's current group. Users and groups have names, and they also have numeric identities, called a user (or unique) identifier (UID) and a group identifier (GID).
When you create a file, it is owned by you and it belongs to your current group. Usually this is the group you are logged in to. By default, this is a group that shares the same name as the username and was created when you were created as a user on the system.
You can use the chowncommand to change the ownership values to something else. You can specify a new owner, a new group or a new owner and a new group at the same time. The owner of a file can change group ownership, but only root can change user ownership because it involves another user. Without root privileges, you can not make another user on the system without "adopting" a file.
Why do you want to change ownership?
Here are some examples of situations in which you may want to do this:
If you transfer files between different Linux or Unix-like operating systems, you must change the user and group owners to the new user and group owners of the account you want to use the files under on the new Linux computer.
A user can leave your organization, and all of his files will be the responsibility of another employee. You must change the owner and group owner of the employee who is now responsible for the files.
You can create a script to be used by a specific user.
You can create a file or directory that is logged in as root, but you want it to be available to a specific user.
View the groups, UID and GID
To list the groups you are in, you can use groupscommand.
- groups
To get a list of the groups, their numeric IDs, and UID and GID, use the idcommand:
- id
You can use some ID options to narrow down the output.
- -u : UID list.
- -g : List your effective (current) GID.
- -now : List your username.
- NG : List the current group name.
id -u
id -g
id -nu
id -ng
View user and group ownership of a file
To view the owners of a file or directory, use the -l(long list) option ls.
ls -l
We can see that the name daveappears twice in the entry. The appearance on the left tells us that the file owner is a user named dave. The right-most davetell us that the file belongs to a group that is also called dave.
By default, when a Linux user is created, they are added to a private group named. They are the only member of this group.
This executable file is owned by the user maryand the group to which the file belongs is a mary'sprivate group.
ls -l
This file is owned by the user oscar, but the group to which the file belongs is named researchlab. This means that other members of the researchlabgroup can access this file, according to the file permissions set for the members of the group.
Change of user ownership
Let's work through some examples. This command will change the user's ownership of the while.c file to the user mary.
sudo chown mary while.c
We can use lsto see the changes in the file properties.
ls -l while.c
You can use chownto change the ownership of several files at once.
sudo chown mary getval.c global.c goto.c
This changes the usability of all three files.
ls -l getval.c global.c goto.c
You can use wildcards to select groups of files. This command will change the user's ownership of all files beginning with the letter "c."
sudo chown mary c*.*
All the files will now have maryas their owner. Note that none of the group owners have changed.
ls -l mary c*.*
Let's change the ownership of a directory. We simply give the directory name chowninstead of a file name.
sudo chown mary ./archive/
To check the ownership of the directory we use ls, but also use the -d(directory) option for it. This shows the properties of the directory, not the files in it.
ls -l -d ./archive/
If you want to change the ownership of all the files in a directory, you can use the -R(recursive) option. This option will change the user's ownership of all files in the archivefolder.
sudo chown -R mary ./archive/
Let's look at the files in the archive directory.
ls -l ./archive/
As expected, all files now belong mary.
Change of group ownership
There are different ways to change group ownership.
To change group ownership while changing user ownership, pass the new owner name and the new group name with a colon ":" that separates them. The group must already exist.
sudo chown mary:researchlab charm.c
The user owner and the group to which the file belongs have both changed.
ls -l charm.c
A concise way to change group ownership of the current group to the new owner, just enter the colon and omit the group name.
sudo chown mary: caps.c
ls -l caps.c
Both user ownership and group ownership have been changed to mary.
If you only want to change group ownership, go in front of a colon and omit the username. The user's owner will not be changed.
sudo chown :researchlab at.c
ls -l at.c
Group ownership has changed, but user ownership remains the same.
Use Chown with UID and GID values
You can use the numeric UID and GID values with chowncommand. This command will add the user and group ownership mary.
sudo chown 1001:1001 at.c
ls -l at.c
Possession is nine tenths of the law
Or so they say. But in Linux, ownership is a massive part of file security, with file permissions providing the rest of it. Use chownand chmodcommands to secure file access on your system.
No comments:
Post a Comment