Overview
The chown command is used to change the “owner” and “group” of files and directories in Linux. By default, the user who creates a file becomes its owner. However, you often need to change ownership when deploying web servers or transferring files between users. Since this command modifies ownership, you usually need administrative privileges (sudo) to run it.
Specifications (Arguments and Options)
Syntax
chown [options] [user[:[group]]] filename...
Main Arguments and Options
| Option | Description |
-c | Show details only when an actual change is made (changes). |
-R | Change all files and directories within a folder recursively (Recursive). |
--reference=<file> | Apply the same owner and group settings as a specific reference file. |
-h | If the target is a symbolic link, change the owner of the link itself instead of the target file. |
--dereference | If the target is a symbolic link, change the owner of the target file (default behavior). |
-f | Suppress error messages (force). |
--from=<owner[:group]> | Change ownership only if the current owner or group matches the specified criteria. |
Specifying User and Group Names
The way you use the colon (:) determines which attributes are changed.
| Format | Example | Description |
| User:Group | user:admin | Changes owner to “user” and group to “admin”. |
| User | user | Changes owner to “user”. The group remains unchanged. |
| User: | user: | Changes owner to “user” and sets the group to that user’s login group. |
| :Group | :admin | Changes only the group to “admin” (same as chgrp). |
Basic Usage
Changing the owner of a file is the most common task. Because ownership changes are restricted, you must use sudo.
Command
# Check the current owner
ls -l config.xml
# Change the owner to 'deploy_user'
sudo chown deploy_user config.xml
# Verify the result
ls -l config.xml
Execution Result
-rw-r--r-- 1 root root 1024 Jan 20 10:00 config.xml
↓ (After execution)
-rw-r--r-- 1 deploy_user root 1024 Jan 20 10:00 config.xml
Practical Commands
Change Owner and Group Simultaneously
This is frequently used when setting permissions for web server document roots.
# Set both owner and group to 'www-data' for index.html
sudo chown www-data:www-data /var/www/html/index.html
Change Ownership Recursively
This changes the owner of a directory and every file and subdirectory inside it. This is a standard step when setting up a CMS like WordPress or fixing home directory permissions.
# Change owner of everything under /var/www/project to 'app_user'
sudo chown -R app_user /var/www/project/
Customization Points
- Separator: While older systems used a dot (
.), modern systems recommend a colon (:) because user names might contain dots. - Verification Messages: If you want to see a log of only the files that were actually changed, combine your command with the
-coption.
Important Notes
- Non-Root Limitations: In the Linux security model, regular users cannot “give away” ownership of their files to others or “take” ownership from others. You must use
sudo. - Risk of -R: Running
chown -Ron critical directories like/or/usrby mistake can break the entire system. Always double-check your target path. - Symbolic Links: By default,
chownchanges the “target file” of a link. To change the ownership of the link file itself, you must use the-hoption.
Applications
Change Only Files Owned by a Specific User
The --from option prevents accidental changes to files that do not belong to the target user. This is useful when transferring files from a former employee to a new manager.
# Only change files owned by 'old_admin' to 'new_admin'
# (Files owned by root or others will be skipped)
sudo chown -R --from=old_admin new_admin /shared/docs/
Summary
The chown command is a pillar of Linux access control. It is used alongside chmod (which sets permissions like rwx) to secure your system. Properly assigning user ownership is the first step in securing web applications and server environments. While the -R option is powerful, always practice “point and check” for your paths to avoid accidental system-wide changes.
