Chapter 48: Bash Ownership (chown)
Bash Ownership (chown)
This is the second half of the permission + ownership story (we already covered chmod for changing permissions, and now chown is how we change who owns the file or folder).
In Linux, every file and folder has two owners attached to it:
- User owner (the person / user account that “owns” it — usually the one who created it)
- Group owner (a group name — used to give shared access to multiple users at once)
These two pieces decide which set of rwx permissions apply to whom:
- The user owner gets the first set (u = user)
- Members of the group owner get the second set (g = group)
- Everyone else gets the third set (o = others)
When you see this in ls -l:
|
0 1 2 3 4 5 6 7 8 |
-rw-r--r-- 1 webliance developers 2.3K Feb 26 10:15 report.pdf drwxr-xr-x 2 webliance webliance 4.0K Feb 25 15:20 photos -rwxr-xr-x 1 root root 456 Feb 26 11:00 /usr/bin/ls |
- Column 3 = user owner
- Column 4 = group owner
So in the first line:
- User owner = webliance (you) → gets rw- (read + write)
- Group owner = developers → gets r– (read only)
- Others → r– (read only)
Why Do We Need to Change Ownership? (Real Hyderabad Life Examples)
- You downloaded something with sudo → now it’s owned by root and you can’t edit it normally
- Your web server (nginx/Apache) runs as user www-data → it needs to own /var/www/html/ so it can write uploads
- You have a team project → you want everyone in the “developers” group to be able to edit files
- You want to lock down your .ssh folder so only you own it (security)
- Fixing “Permission denied” after moving files around
The chown Command – How to Change Ownership
chown = change owner
Basic syntax:
|
0 1 2 3 4 5 6 |
chown [options] [user][:group] file_or_folder |
- Only the user owner or root/sudo can change ownership
- Normal users can usually only change the group (and only to groups they belong to)
1. Change User Owner (Usually Needs sudo)
|
0 1 2 3 4 5 6 |
sudo chown rahul important_file.txt |
→ Now rahul is the user owner (you can’t do this without sudo unless you are root)
2. Change Group Owner Only
|
0 1 2 3 4 5 6 7 8 |
chown :developers team_project/ # or the old way: chgrp developers team_project/ |
→ Group becomes developers (anyone in that group now gets group permissions)
3. Change Both User and Group at Once (Most Common)
|
0 1 2 3 4 5 6 |
sudo chown rahul:developers shared_report.pdf |
→ User = rahul, Group = developers
4. Recursive (-R) – Change Folder + Everything Inside (Very Important!)
|
0 1 2 3 4 5 6 |
sudo chown -R www-data:www-data /var/www/html/ |
→ Makes every file and subfolder inside owned by the web server user/group (This fixes most “web server can’t write” problems)
Another real example:
|
0 1 2 3 4 5 6 7 |
chown -R webliance:developers ~/team_code/ chmod -R 775 ~/team_code/ |
→ You and your team (developers group) can now read/write/execute everything
Quick Practice Session (Do This Right Now!)
|
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
# 1. Create test files/folders mkdir ownership_test cd ownership_test touch myfile.txt mkdir shared_folder # 2. Check current ownership ls -l # → you (webliance) own everything # 3. Change group (no sudo needed if you're in the group) chown :sudo myfile.txt ls -l myfile.txt # group now sudo # 4. Change recursive (use a safe folder!) sudo chown -R $USER:$USER ~/ownership_test/ ls -l # 5. Make web-like example mkdir html touch html/index.html sudo chown -R www-data:www-data html/ ls -l html/ |
(If www-data doesn’t exist on your personal laptop — it will error, that’s okay — just see the idea)
Very Common chown Patterns You’ll Use Forever
| Situation | Command Example | Why we do it |
|---|---|---|
| Fix file owned by root after sudo | sudo chown $USER:$USER downloaded_file.sh | So you can edit it |
| Web server needs to own site folder | sudo chown -R www-data:www-data /var/www/my-site/ | Nginx/Apache can write |
| Team shared folder | chown -R :developers ~/project/ chmod -R 775 ~/project/ | Group members can edit |
| Secure your .ssh folder | chown -R $USER:$USER ~/.ssh/ chmod -R 700 ~/.ssh/ | Only you can access keys |
| Private key file | chown $USER:$USER ~/.ssh/id_rsa chmod 600 ~/.ssh/id_rsa | Security best practice |
Teacher Warnings (Listen Carefully!)
- Normal users cannot change user owner to someone else — only root/sudo can
- You can only change group to groups you are a member of (check with groups command)
- Always use -R for folders — otherwise only the top folder changes, contents stay old
- After chown, you usually need to chmod too — ownership alone doesn’t set rwx
- Never chown system files carelessly (e.g. /etc/passwd owned by normal user = broken system)
Quick Summary Table – chown Cheat Sheet
| Goal | Command Example | Needs sudo? | Common in |
|---|---|---|---|
| Change user owner | sudo chown rahul file.txt | Yes | Fixing sudo downloads |
| Change group only | chown :developers folder/ | No (if you’re in group) | Team sharing |
| Change both | sudo chown user:group file | Usually yes | Server setup |
| Recursive (folder + contents) | sudo chown -R www-data:www-data /var/www/ | Yes | Web servers, backups |
| Check your current user & groups | whoami + groups | No | Always useful |
| See ownership of a file | ls -l or stat file.txt | No | Debugging |
Got the full picture now? chown + chmod = complete control over who can do what with any file or folder in Linux.
Any part confusing? Want next: “Teacher, explain umask (why new files get 644 by default)” or “how to add/remove users from groups (usermod/gpasswd)” or “setuid/setgid/sticky bit explained” or more practice?
Just say — teacher is ready in Hyderabad! Keep running ls -l and checking ownership every time you get “permission denied”! 🐧👑🔑 😄
