In Linux, it is important to change file permissions and ownership for security reasons. File permissions determine who can read, write, and execute a file, and ownership determines who has the right to change the file. By changing these settings, you can control which users can access a file and what they can do with it.
The two most commonly used commands for changing file permissions and ownership in Linux are chmod and chown, respectively.
chmod is used to change the permissions of a file or directory. The basic syntax for using this command is:
chmod [OPTION]... MODE[,MODE]... FILE...where MODE is the set of permissions you want to apply to the file, and FILE is the name of the file or directory you want to modify.
For example, to give the user read, write, and execute permissions for a file named myfile.txt, you could use the following command:
chmod u+rwx myfile.txtchown is used to change the ownership of a file or directory. The basic syntax for using this command is:
chown [OPTION]... [OWNER][:[GROUP]] FILE...where OWNER is the user you want to make the owner of the file, GROUP is the group you want to assign the file to, and FILE is the name of the file or directory you want to modify.
For example, to change the ownership of a file named myfile.txt so that the user john is the owner and the group admin is the group, you could use the following command:
chown john:admin myfile.txtThese commands can be used together to change both the permissions and ownership of a file or directory. For example, to give the user john read, write, and execute permissions for a file named myfile.txt, and make him the owner of the file with the group admin, you could use the following command:
chmod u+rwx myfile.txt
chown john:admin myfile.txtHow to Use chmod
To use chmod, you need to specify the permissions you want to set, and the file or directory you want to change the permissions for.
Here is an example of how to use chmod to change the permissions of a file called “myfile.txt”:
chmod 755 myfile.txtIn this example, the permissions are being set to 755, which allows the owner of the file to read, write, and execute the file, and allows the group and other users to read and execute the file.
To use chmod, you must be the owner of the file or have superuser (root) privileges.
You can also use chmod to change the permissions of multiple files at once, by specifying a pattern that matches the files you want to change. For example, the following chmod command changes the permissions of all files in the current directory that end in “.txt”:
chmod 755 *.txtUse the table below as a reference for permissions you can apply and what they do.
| Permission | Numeric | Description |
|---|---|---|
| rwxrwxrwx | 777 | Allows the owner, the group, and other users to read, write, and execute the file. This is the most permissive permission. |
| rwxrwxr-x | 775 | Allows the owner and the group to read, write, and execute the file, and allows other users to only read and execute the file. |
| rwxrwx— | 750 | Allows the owner and the group to read, write, and execute the file, and does not allow other users to access the file at all. |
| rwxr-xr-x | 755 | Allows the owner to read, write, and execute the file, and allows the group and other users to only read and execute the file. |
| rwxr—– | 700 | Allows the owner to read, write, and execute the file, and does not allow the group or other users to access the file at all. |
| -rw-rw-rw- | 666 | Allows the owner, the group, and other users to read and write to the file, but does not allow them to execute the file. |
| -rw-r–r– | 644 | Allows the owner to read and write to the file, and allows the group and other users to only read the file. It does not allow anyone to execute the file. |
| -rw——- | 600 | Allows the owner to read and write to the file, but does not allow the group or other users to access the file at all. It also does not allow anyone to execute |
How to Change Owners for Files & Folders
In Linux, each file and directory is owned by a specific user and group. The owner of a file or directory has special permissions that allow them to read, write, and execute the file, as well as change the permissions of the file or directory.
To view the owner of a file or directory, you can use the ls command with the -l option, which displays detailed information about the files and directories in a directory. For example, the following ls command shows the owner of a file called “myfile.txt”:
ls -l myfile.txtThis command will output something like the following:
-rw-r--r-- 1 root root 0 Dec 12 15:23 myfile.txtThe first column in the output shows the file permissions, and the next two columns show the owner and group of the file. In this example, the owner of the file is “root”, and the group is also “root”.
To change the owner of a file or directory, you can use the chown command. For example, the following chown command changes the owner of a file called “myfile.txt” to the user “johndoe”:
chown johndoe myfile.txtTo change the group of a file or directory, you can use the chgrp command. For example, the following chgrp command changes the group of a file called “myfile.txt” to the group “users”:
chgrp users myfile.txtHere are some examples of using the chown command to set permissions for web servers:
# This command sets the owner and group of the /var/www/html directory to "www-data", and the -R option makes the change recursive, so it applies to all files and directories inside /var/www/html.
chown -R www-data:www-data /var/www/html
# This command sets the owner of the log files in the /var/log/apache2 directory to "www-data" and the group to "adm". The * symbol is a wildcard that matches all files in the directory.
chown www-data:adm /var/log/apache2/*
# This command sets the owner and group of the /var/lib/mysql directory to "mysql", and the -R option makes the change recursive, so it applies to all files and directories inside /var/lib/mysql.
chown -R mysql:mysql /var/lib/mysqlUsing Options with chmod & chown
The chmod and chown commands can be used with various options to specify how the permissions should be changed.
The -R option can be used to make the change recursive, so it applies to all files and directories inside the specified directory. For example:
# for permissions
chmod -R 755 /var/www/html
# for groups & owners
chown -R mysql:mysql /var/lib/mysqlThe -f option can be used to suppress error messages:
chmod -f 644 myfile.txt
# This command sets the permissions of the myfile.txt file to 644, which allows the owner to read and write to the file, and allows the group and other users to only read the file. The -f option makes the command run quietly and suppress any error messages.