chown — quick reference
Basic ownership
Change the user owner, group owner, or both. Owner is unchanged if omitted; group is unchanged if omitted unless you use the owner:group form.
| When to use | Command |
|---|---|
| Change only the user owner | sudo chown USER FILE |
| Change user and group together | sudo chown USER:GROUP FILE |
| Change only the group (user stays the same) | sudo chown :GROUP FILE |
| Change ownership of several files at once | sudo chown USER FILE1 FILE2 FILE3 |
| Set owner by numeric UID | sudo chown 1001 FILE |
| Set owner and group by numeric UID:GID | sudo chown 1001:1001 FILE |
Recursive traversal
Apply ownership to a directory and everything under it. With -R, pick how symbolic links to directories are handled; only the last -H, -L, or -P on the command line counts (-P is the default).
| When to use | Command |
|---|---|
| Change ownership of a directory tree | sudo chown -R USER:GROUP DIR |
| If a CLI argument is a symlink to a directory, traverse it | sudo chown -R -H USER DIR |
| Follow every symlink to a directory found while walking | sudo chown -R -L USER DIR |
| Do not traverse symlinks to directories (default) | sudo chown -R -P USER DIR |
Symbolic links
By default, chown changes the target file a symlink points to. Use -h when you need to change the link itself.
| When to use | Command |
|---|---|
| Change the symlink inode, not its target | sudo chown -h USER:GROUP SYMLINK |
| Change the referent (default behaviour) | sudo chown USER:GROUP SYMLINK |
Conditional and reference ownership
Safer updates when you only want to touch files that already match an owner, or when you want two paths to share the same ownership.
| When to use | Command |
|---|---|
| Change owner only if the current owner matches | sudo chown --from=OLDUSER NEWUSER FILE |
| Change group only if the current group matches | sudo chown --from=:OLDGROUP :NEWGROUP FILE |
| Copy owner and group from another file | sudo chown --reference=REF FILE |
Output control
Useful in scripts and when you want a clean log of what actually changed.
| When to use | Command |
|---|---|
| Print a line for every file processed | sudo chown -v USER FILE |
| Print a line only when ownership changes | sudo chown -c USER FILE |
| Suppress most file-related error messages | sudo chown -f USER FILE |
Safety
Block catastrophic recursive runs against / unless you explicitly override the failsafe.
| When to use | Command |
|---|---|
Refuse recursive chown on / (recommended default) |
sudo chown -R --preserve-root USER /path |
Allow recursive operations on / (dangerous) |
sudo chown -R --no-preserve-root USER / |
Help and version
| When to use | Command |
|---|---|
| Show brief usage | chown --help |
| Show coreutils version | chown --version |
chown — command syntax
Synopsis from chown --help on Ubuntu 25.04 (chown GNU coreutils 9.5):
chown [OPTION]... [OWNER][:[GROUP]] FILE...
or: chown [OPTION]... --reference=RFILE FILE...chown updates ownership metadata on disk. It does not change permission bits — use chmod for rwx. Most changes need sudo.
chown — command examples
Essential Change the user owner of one file
After a copy or restore, a file may belong to the wrong user. Set a new owner while leaving the group unchanged.
Run the command:
sudo chown nobody /tmp/chown-lab/file1.txtSample output:
(no output on success)Check ownership with ls -l:
ls -l /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 nobody root 13 Jul 1 17:44 /tmp/chown-lab/file1.txtThe third field (nobody) is the user owner; the fourth (root) is the group owner.
Essential Set user and group in one command
Web deploys and package installs often need both owner and group fixed at once. The user:group form is the usual pattern.
Run the command:
sudo chown root:root /tmp/chown-lab/file1.txtVerify:
ls -l /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 root root 13 Jul 1 17:44 /tmp/chown-lab/file1.txtBoth the user and group columns now show root.
Common Change only the group with a leading colon
When the user is correct but the group is wrong, prefix the group name with : so chown knows you are not renaming the user.
Run the command:
sudo chown :users /tmp/chown-lab/file1.txtVerify:
ls -l /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 root users 13 Jul 1 17:44 /tmp/chown-lab/file1.txtThe user stayed root; only the group changed to users.
Common Recursive chown on a directory tree
Use -R when an entire project or upload directory should share one owner and group — common after unpacking tarballs as root.
Run the command:
sudo chown -R nobody:users /tmp/chown-labVerify the tree:
ls -lR /tmp/chown-labSample output (trimmed):
/tmp/chown-lab:
total 12
-rw-r--r-- 1 nobody users 13 Jul 1 17:44 file1.txt
-rw-r--r-- 1 nobody users 5 Jul 1 17:44 file2.txt
drwxr-xr-x 2 nobody users 40 Jul 1 17:44 subdir
lrwxrwxrwx 1 nobody users 9 Jul 1 17:44 symlink1 -> file1.txt
/tmp/chown-lab/subdir:
total 0Every file and subdirectory under the path picked up the new ownership.
Common Change ownership only when the current owner matches
The --from option skips files that do not match the current owner. That helps scripts avoid fighting manual fixes.
Run the command when the file is owned by nobody:
sudo chown nobody /tmp/chown-lab/file1.txt
sudo chown --from=nobody root /tmp/chown-lab/file1.txtVerify:
ls -l /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 root nogroup 13 Jul 1 17:44 /tmp/chown-lab/file1.txtIf the owner does not match --from, nothing changes and there is no error:
sudo chown --from=nobody nobody /tmp/chown-lab/file1.txt
ls -l /tmp/chown-lab/file1.txtThe owner stays root because the file is no longer owned by nobody.
Common Copy ownership from a reference file
When two config files should match, --reference copies both user and group from a template file instead of typing names twice.
Run the command:
sudo chown root:root /tmp/chown-lab/ref.txt
sudo chown nobody /tmp/chown-lab/file1.txt
sudo chown --reference=/tmp/chown-lab/ref.txt /tmp/chown-lab/file1.txtVerify both files:
ls -l /tmp/chown-lab/ref.txt /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 root root 13 Jul 1 17:44 /tmp/chown-lab/file1.txt
-rw-r--r-- 1 root root 13 Jul 1 17:44 /tmp/chown-lab/ref.txtfile1.txt now matches ref.txt for both owner and group.
Advanced Symlink: change the link vs the target
By default, chown follows symlinks and changes the target file. Use -h when you need the symlink inode itself to change owner — rare, but relevant on systems that allow symlink ownership.
Create a quick lab:
Point a short command name at the install path with ln -sf; the create symbolic link on Linux covers -s, -f, and safe targets under /usr/local/bin.
mkdir -p /tmp/chown-lab && echo test > /tmp/chown-lab/file1.txt && ln -sf file1.txt /tmp/chown-lab/symlink1
sudo chown root:root /tmp/chown-lab/file1.txtChange the symlink itself with -h:
sudo chown -h nobody /tmp/chown-lab/symlink1
ls -l /tmp/chown-lab/symlink1 /tmp/chown-lab/file1.txtSample output:
lrwxrwxrwx 1 nobody root 9 Jul 1 17:44 /tmp/chown-lab/symlink1 -> file1.txt
-rw-r--r-- 1 root root 13 Jul 1 17:44 /tmp/chown-lab/file1.txtWithout -h, the target changes instead:
sudo chown root:root /tmp/chown-lab/file1.txt
sudo chown nobody /tmp/chown-lab/symlink1
ls -l /tmp/chown-lab/symlink1 /tmp/chown-lab/file1.txtSample output:
-rw-r--r-- 1 nobody root 13 Jul 1 17:44 /tmp/chown-lab/file1.txt
lrwxrwxrwx 1 nobody root 9 Jul 1 17:44 /tmp/chown-lab/symlink1 -> file1.txtHere file1.txt became nobody even though you named the symlink on the command line.
Advanced Verbose and changes-only output
-v prints every file touched; -c prints only lines where ownership actually changed. Both are handy in automation logs.
Show all processing with -v:
sudo chown -v root /tmp/chown-lab/file1.txtSample output:
changed ownership of '/tmp/chown-lab/file1.txt' from nobody to rootShow output only when something changes with -c:
sudo chown -c root /tmp/chown-lab/file1.txt
sudo chown -c nobody /tmp/chown-lab/file1.txtSample output (second run only):
changed ownership of '/tmp/chown-lab/file1.txt' from root to nobodyRe-running -c with the same owner produces no lines.
chown — when to use / when not
| Use chown when | Use something else when |
|---|---|
|
|
chown vs chgrp vs chmod
| chown | chgrp | chmod | |
|---|---|---|---|
| Changes | User owner and/or group owner | Group owner only | Permission bits (rwx) |
| Typical form | USER:GROUP |
:GROUP or GROUP |
755, u+x, … |
| Privilege | Usually needs sudo | Usually needs sudo | Owner or sudo depending on file |
See chmod for modes and chgrp when the user owner is already correct.
Related commands
Commands that often appear in the same ownership and permissions workflow.
| Command | One line |
|---|---|
| chown | Change user and/or group owner (this page) |
ls |
List files with owner, group, and mode |
id |
Show UID, GID, and group membership for a user |
Browse the full index in our Linux commands reference.
chown — interview corner
What does the chown command do in Linux?
Every file and directory has a user owner and a group owner stored in the inode. The chown command — short for change owner — updates one or both of those fields.
Check current ownership:
ls -l /etc/hostsSample output:
-rw-r--r-- 1 root root 258 Jul 1 12:00 /etc/hostsThe third column is the user owner; the fourth is the group owner. Changing ownership usually requires root or sudo because it affects access control.
A strong answer is:
"chown changes the user owner and/or group owner of files and directories. I read ownership with ls -l and use sudo chown user:group when fixing deploy trees or restored backups."
What is the difference between chown and chmod?
They solve different problems. chown answers who owns the file (user and group names in ls -l). chmod answers what that owner, the group, and others may do — read, write, or execute.
| Command | Changes |
|---|---|
chown alice:dev file |
Owner alice, group dev |
chmod 640 file |
Permissions rw-r----- |
You often use both after a tarball unpack: chown to fix the service account, chmod to lock down secrets.
A strong answer is:
"chown changes who owns the file; chmod changes rwx permission bits. After restores I typically chown to the app user, then chmod to tighten world-readable files."
What does chown -R do?
The -R (recursive) flag applies the ownership change to the named directory and every file and subdirectory under it. It is the usual fix when an entire web root or home tree has the wrong owner.
sudo chown -R www-data:www-data /var/www/myappCombine with --preserve-root so an accidental chown -R against / is rejected. GNU chown prints:
chown: it is dangerous to operate recursively on '/'
chown: use --no-preserve-root to override this failsafeA strong answer is:
"chown -R walks a directory tree and sets the same owner on every entry. I always double-check the path and rely on --preserve-root to block mistakes on /."
Does chown follow symbolic links?
By default, yes — chown changes the target file the symlink points to, not the symlink inode. That is what you usually want when fixing data files.
To change the symlink itself, add -h (no dereference):
sudo chown -h user:group mylinkOn Linux this matters mainly when symlink ownership is visible in ls -l and you are auditing link metadata.
A strong answer is:
"Default chown follows symlinks and updates the referent. I use chown -h when I specifically need the symlink inode's owner changed."
Can chown use numeric UID and GID?
Yes. Symbolic names are readable; numeric IDs are reliable across hosts where usernames differ.
sudo chown 1001:1001 /srv/data/fileLook up IDs with:
id -u alice
id -g devteamNFS and container volume mounts often document ownership by number, not name.
A strong answer is:
"chown accepts UID and GID numbers — I use them when usernames differ between systems or when matching NFS uid maps."
Troubleshooting
| Symptom | Likely cause | Fix |
|---|---|---|
Operation not permitted |
Not root and not the file owner | Run with sudo or change only files you own |
invalid user / invalid group |
Name not in /etc/passwd or /etc/group |
Create the account/group first, or use a valid numeric UID/GID |
cannot access 'FILE': No such file or directory |
Wrong path or race in a script | Fix the path; use -f to suppress the message if missing files are expected |
it is dangerous to operate recursively on '/' |
-R targeted / with --preserve-root |
Narrow the path; never use --no-preserve-root unless you fully intend to |
| Symlink owner unchanged but target changed | Default dereference behaviour | Add -h if you meant to change the link inode |
--from appears to do nothing |
Current owner does not match | Confirm with ls -l; adjust --from or drop it |
