5.3 Managing File Permissions and Ownership (Weight: 2)
📘Linux Essentials (LPI 010-160)
1. Why Ownership and Permissions Need to Be Changed
In Linux, every file and directory has:
- An owner (user)
- A group
- A set of permissions
Sometimes these need to be changed. Common IT situations include:
- A system administrator transferring ownership of project files to another user.
- A web server needing permission to access website files.
- A shared development directory requiring group access.
- Restricting sensitive configuration files so only administrators can modify them.
Linux provides commands to change both ownership and permissions.
2. Changing File Ownership
The command used to change ownership is:
chown
chown stands for change owner.
This command changes the owner user and optionally the group of a file or directory.
2.1 Basic Syntax
chown new_owner filename
Example:
chown alice report.txt
Result:
- The owner of report.txt becomes alice.
2.2 Changing Owner and Group
You can change both the owner and group at the same time.
Syntax:
chown user:group filename
Example:
chown alice:developers project.txt
Result:
- Owner → alice
- Group → developers
2.3 Changing Only the Group
If you only want to change the group, use:
chown :group filename
Example:
chown :developers project.txt
This keeps the owner unchanged but changes the group.
2.4 Changing Ownership of Multiple Files
You can change ownership for several files at once.
Example:
chown alice file1.txt file2.txt file3.txt
All listed files will now belong to alice.
2.5 Recursive Ownership Changes
When working with directories, administrators often need to change ownership for all files inside the directory.
The -R option performs recursive changes.
chown -R user:group directory
Example:
chown -R webadmin:webteam /var/www/project
Result:
- Ownership changes for the directory
- Ownership changes for all files and subdirectories inside it
This is commonly used when deploying web applications.
2.6 Who Can Use chown
Important exam point:
- Only the root user can change file ownership.
- Normal users cannot assign files to other users.
However:
- Users may change the group of their files if they belong to that group (depending on system configuration).
3. Changing Group Ownership
Another command used to change the group owner is:
chgrp
chgrp stands for change group.
3.1 Syntax
chgrp groupname filename
Example:
chgrp developers code.py
Result:
- Group owner becomes developers.
3.2 Recursive Group Change
chgrp -R groupname directory
Example:
chgrp -R devteam /srv/app
This changes the group for all files and directories inside.
4. Changing Permissions
Permissions control what users can do with files.
Permissions include:
| Permission | Symbol | Meaning |
|---|---|---|
| Read | r | View file contents |
| Write | w | Modify file |
| Execute | x | Run file as a program |
These permissions apply to three categories:
- User (u) – file owner
- Group (g) – group members
- Others (o) – everyone else
5. chmod Command
The command used to change permissions is:
chmod
chmod stands for change mode.
It modifies the permission settings of files and directories.
6. Symbolic Mode
Symbolic mode changes permissions using letters.
Symbols used:
| Symbol | Meaning |
|---|---|
| u | user |
| g | group |
| o | others |
| a | all |
| + | add permission |
| – | remove permission |
| = | set exact permission |
6.1 Adding Permissions
Example:
chmod u+x script.sh
Result:
- Adds execute permission for the owner.
Example:
chmod g+w project.txt
Result:
- Adds write permission for the group.
6.2 Removing Permissions
Example:
chmod o-w report.txt
Result:
- Others can no longer modify the file.
6.3 Setting Exact Permissions
Example:
chmod u=rwx,g=rx,o=r file.txt
Result:
- User → read, write, execute
- Group → read, execute
- Others → read only
7. Numeric (Octal) Mode
Another method uses numbers instead of symbols.
Each permission has a value:
| Permission | Value |
|---|---|
| Read | 4 |
| Write | 2 |
| Execute | 1 |
Values are added together.
Examples:
| Permission | Value |
|---|---|
| rwx | 7 |
| rw- | 6 |
| r-x | 5 |
| r– | 4 |
Permissions are written as three digits:
user group others
7.1 Example
chmod 755 script.sh
Meaning:
| Category | Permission |
|---|---|
| User | rwx |
| Group | r-x |
| Others | r-x |
Common for executable scripts.
Another example:
chmod 644 file.txt
Meaning:
| Category | Permission |
|---|---|
| User | rw- |
| Group | r– |
| Others | r– |
This is commonly used for configuration files.
8. Recursive Permission Changes
To apply permission changes to a directory and everything inside it:
chmod -R permissions directory
Example:
chmod -R 755 /opt/application
This updates permissions for:
- directory
- all subdirectories
- all files inside
Administrators must use this carefully to avoid incorrect permissions.
9. Viewing Ownership and Permissions
Before changing permissions, administrators usually check current settings.
Use:
ls -l
Example output:
-rw-r--r-- 1 alice developers 1024 Mar 10 report.txt
Breakdown:
| Field | Meaning |
|---|---|
| -rw-r–r– | permissions |
| alice | owner |
| developers | group |
| 1024 | file size |
| report.txt | file name |
10. Common IT Environment Scenarios
Web Server Files
Web applications often require specific ownership.
Example:
chown -R www-data:www-data /var/www/html
This allows the web server process to access the files.
Shared Development Directory
A development team may share a project directory.
Example:
chown -R devlead:developers /srv/project
chmod -R 775 /srv/project
Result:
- Owner and group members can modify files.
- Others have limited access.
Securing Configuration Files
Sensitive system configuration files should restrict modification.
Example:
chmod 600 database.conf
Result:
- Only the owner can read and modify the file.
11. Important Exam Points
For the Linux Essentials (010-160) exam, remember these key points:
Commands
| Command | Purpose |
|---|---|
| chown | Change file owner |
| chgrp | Change group owner |
| chmod | Change file permissions |
Important Options
| Option | Purpose |
|---|---|
| -R | Recursive changes |
| u,g,o,a | Permission categories |
| +,-,= | Permission operations |
Numeric Permissions
| Number | Meaning |
|---|---|
| 7 | rwx |
| 6 | rw- |
| 5 | r-x |
| 4 | r– |
Key Rules
- Only root can change file ownership.
- Permissions control access to files and directories.
- Ownership determines who manages the file.
- Recursive operations affect all files and subdirectories.
✔ After understanding this section, you should be able to:
- Change file ownership using
chown - Change group ownership using
chgrp - Modify permissions using
chmod - Use both symbolic and numeric permission modes
- Apply changes recursively to directories
These skills are essential for managing file access and security in Linux systems.
