Each File Belongs to a User and a Group
Linux is a multi-user system. The operating system allows multiple user accounts to be defined and for any valid user to log on to the computer. Moreover, multiple users can use a single computer at the same time.
To maintain a record of which files belong to which user and to enforce some security, Linux uses the concept of ownership. Every file belongs to an owner—a user—and to a group.
When a file is created, its owner is the user who created it. The group that the file belongs to—the “owning” group—is the user’s current group. Users and groups have names, and they have numeric identities too, called a user (or unique) identifier (UID) and a group identifier (GID).
When you create a file, it is owned by you, and it belongs to your current group. Usually, this is the group you have signed into. By default, this is a group that shares the same name as your user name and was created when you were created as a user on the system.
You can use the chown command to change the ownership values to something else. You can set a new owner, a new group, or a new owner and a new group at the same time. The owner of a file can change the group ownership, but only root can change the user ownership because that involves another user. Without root privileges, you can’t make another user on the system unwittingly “adopt” a file.
Why Would You Want To Change Ownership?
Here are a few examples of situations where you might want to do this:
If you transfer files between different Linux or Unix-like operating systems, you will need to change the user and group owners to the new user and group owners of the account you wish to use the files under on the new Linux computer.
A user may leave your organization, and all of his files will be the responsibility of another staff member. You will need to change the owner and group owner to the staff member now responsible for those files.
You may author a script that is going to be used by a specific user.
You may create a file or directory logged in as root, but you want it to be accessible to a specific user.
Viewing Your Groups, UID, and GID
To list the groups you are in, you can use the groups command.
To get a list of the groups, their numerical IDs, and your UID and GID, use the id command:
You can use some options with id to refine the output.
-u: List your UID.
-g: List your effective (current) GID.
-nu: List your user name.
-ng: List your current group name.
Viewing User and Group Ownership of a File
To see the owners of a file or directory, use the -l (long listing) option with ls.
We can see that the name dave appears twice in the listing. The left-most appearance tells us the file owner is a user called dave. The right-most dave tells us the file belongs to a group that is also called dave.
By default, when a Linux user is created, they are added to a private group named for their username. They are the only member of that group.
This executable file is owned by the user mary and the group the file belongs to is mary’s private group.
This file is owned by the user oscar, but the group that the file belongs to is called researchlab. This means that other members of the researchlab group may access this file, according to the file permissions that have been set for the members of that group.
Changing User Ownership
Let’s work through some examples. This command will change the user ownership of the file while.c to the user mary.
We can use ls to see the changes to the file properties.
You can use chown to change the ownership of several files at once.
This changes the user ownership of all three files.
You can use wildcards to select groups of files. This command will change the user ownership of all files beginning with the letter “c.”
All of the files will now have mary as their owner. Note that none of the group ownerships have been changed.
Let’s change the ownership of a directory. We simply pass the directory name to chown instead of a filename.
To check the ownership properties of the directory we use ls, but also pass it the -d (directory) option. This lists the properties of the directory itself, not the files inside it.
To change the ownership of all the files in a directory, you can use the -R (recursive) option. This option will change the user ownership of all files within the archive folder.
Now let’s look at the files in the archive directory.
As expected, all of the files now belong to mary.
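After a recursive change on a large tree, a scripted check is more reliable than reading ls output. The following is an added example, not part of the original article: the function names are hypothetical, it assumes GNU stat, and it goes slightly beyond the text by also listing entries whose UID or GID no longer maps to any account, which is what files left behind by a removed user or copied from another system look like.

```shell
#!/bin/sh
# Added example: verify ownership across a tree after "chown -R".

# Report entries under DIR whose owner or group differs from the expected ones.
# USER and GROUP may be names or numeric IDs. Prints "uid:gid path" for each
# mismatch and returns 1 if any are found, 0 if the tree is uniformly owned.
ownership_mismatches() {   # usage: ownership_mismatches DIR USER GROUP
    found=$(find "$1" \( ! -user "$2" -o ! -group "$3" \) \
                 -exec stat -c '%u:%g %n' {} +) || return 2
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# List entries whose UID or GID has no entry in the user or group database.
orphaned_entries() {       # usage: orphaned_entries DIR
    find "$1" \( -nouser -o -nogroup \) -print
}
```

find does not follow symbolic links by default, so a link inside the tree is reported on its own ownership rather than that of its target.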
Changing Group Ownership
There are different ways to change the group ownership.
To change the group ownership at the same time as you change the user ownership, pass the new owner name and the new group name with a colon “:” separating them. The group must already exist.
The user owner and the group that the file belongs to have both been changed.
As a shorthand for changing the group ownership to the current group of the new owner, just provide the colon and omit the group name.
Both user ownership and group ownership have been changed to mary.
To change the group ownership only, precede it with a colon and omit the user name. The user owner will not be altered.
The group ownership has been changed, but the user ownership remains the same.
Using Chown with UID and GID Values
You can use the numerical UID and GID values with the chown command. This command will set the user and the group ownership to mary.
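The ownership forms covered in this article, gathered into one added example that is not from the original article. It uses the invoking user's own numeric UID and GID so that it runs without root; count.c, calc.c and old.c are constructed file names, and handing files to a different user such as mary needs the same commands run with sudo.

```shell
#!/bin/sh
# Added example: exercise chown's OWNER[:GROUP] forms in a scratch directory
# and read the result back after the changes.

# Print "uid:gid" for a path (GNU stat; the BSD equivalent is stat -f '%u:%g').
owner_ids() {
    stat -c '%u:%g' "$1"
}

# Apply each form to constructed files, then print "name uid:gid" per entry.
chown_forms_demo() {
    uid=$(id -u) gid=$(id -g)
    work=$(mktemp -d) || return 1
    mkdir "$work/archive"
    touch "$work/while.c" "$work/count.c" "$work/calc.c" "$work/archive/old.c"

    chown "$uid" "$work/while.c"            # user only; group is left alone
    chown "$uid" "$work"/c*.c               # wildcard: every file starting with "c"
    chown ":$gid" "$work/while.c"           # leading colon: group only
    chown "$uid:$gid" "$work/count.c"       # user and group together
    chown -R "$uid:$gid" "$work/archive"    # directory and everything inside it

    for f in while.c count.c calc.c archive archive/old.c; do
        printf '%s %s\n' "$f" "$(owner_ids "$work/$f")"
    done
    rm -rf "$work"
}
```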
Possession is Nine-Tenths of the Law
Or so they say. But in Linux, ownership is a massive part of file security, with file permissions providing the remainder of it. Use the chown and chmod commands to secure file access on your system.