Change File's Ownership, Group, and Access Permissions

Ownership and groups of files and directories are governed by the following rules:

1. When a file is created, the user who created it owns it.
2. When a file is created, it belongs to the group of the user who created it.

The command chown is used to change a file's owner. The command chgrp is used to change a file's group. These commands have the following syntax:

chown new_owner filename
chgrp new_group filename

In general, only the superuser may change file ownership. If a user owns a file, he or she may change its group to another group if he or she belongs to the new group. In practice, these commands are almost always used by the superuser. Both chgrp and chown support the –R option, which allows changing ownership of an entire directory tree. For example, to change everything in directory1 and its subdirectories to have owner owner2, use

chown –R owner2 directory1

Unix file ownership is a bit more complex than it is under some other operating systems. The basic concept is that each file has an owner. Typically, the user who created it and has control over it. On Unix systems, files have two owners:

1. a user owner and
2. a group owner.

What is unusual about Unix file ownership is that these two owners are decoupled. A file's group ownership is independent of the user who owns it. In other words, although a file’s group owner is often, perhaps even usually, the same as the group its user owner belongs to, this is not required. In fact, the user owner of a file does need not even need to be a member of the group that owns it. There is no necessary connection between them at all. In such a case, when file access is specified for a file’s group owner, it applies to members of that group and not to other members of its user owner’s group, who are treated simply as part of "other": the rest of the world.
The motivation behind this group ownership of files is to allow file protections and permissions to be organized according to your needs. The key point here is flexibility, since Unix lets users be in more than one group, you are free to create groups as you need them. Files can be made accessible to almost completely arbitrary collections of the system's users. Group file ownership means that giving someone access to an entire set of files and commands is as simple as adding her to the group that owns them; similarly, taking access away from someone else involves removing her from the relevant group.
The following section discusses how to change a file’s ownership and group.

Here are the steps you need to follow to complete file and directory ownership.

1. Log in to the system with the name user1 and the password userpass.
2. Standard UNIX procedure is to create a home directory for each user. Once you log in, you are placed in your home directory, which is named user1 in this scenario. List the files in your home directory, showing the permissions, owner, and group of each file.
   Solution: Type ls -alg to list the files in the working directory and show their permissions, owners, and groups. The ls command without any options simply lists the files and directories. It does not give you detailed information about the permissions,owners, and groups associated with each file. The ls -l command does list most of the file attributes, but you need the a and g options to gain all the file and directory information.
3. Notice that user1 owns the files and the /home/user1 directory and that root owns the /home directory. Notice also that a group, in this case user1, owns the files. This ownership is because, as you learned in the lesson, a file belongs to the user, as well as to that user’s group. Now, create an empty, new file named newfile inside your home directory (user1).
   Solution: Use the touch command to create a new, empty file. In addition to the command, you need to specify the name of the new, empty file you want to create.
4. List the files in this directory again, showing the permissions, owner, and group of each file.
   Solution: Type ls –alg to list all attributes of the files in the working directory.
5. Note that user1 owns newfile and that it belongs to the group to which user1 belongs. In this case the group is also named user1. Thisownership arrangement is just as you would expect. Now, assert root privileges.
   Solution: Use the su command to obtain root permissions.
6. Create another new, empty file in this directory. Name this file newfile2. You are still in the user1 directory, because asserting root privileges and gaining a root subshell does not change your home directory.
   Solution: Use the touch command to create the newfile2 file.
7. List the files in this directory, showing the permissions, owner, and group of each file.
   Solution: Type ls -alg to list all attributes of the files in the working directory.
8. Notice that newfile2 has root as the owner. Also, notice that root is also the group. Now, change the ownership of newfile2 so that user1 is the owner.
   Solution: chown user1 newfile2
9. Now, change the group ownership of newfile2 so it belongs to the same group as the other files in this directory.
   Solution: chgrp user1 newfile2
10. List the files in this directory to confirm that your changes in ownership and group have taken effect.
    Solution: ls -alg
11. You have changed the ownership and the group associated with newfile2. Now, create a subdirectory to the user1 directory. Name it newdir.
    Solution: mkdir newdir
12. Without changing directories, create a new, empty file named newfile3 in the newdir subdirectory. Use ./ to indicate the current directory.
    Solution: touch ./newdir/newfile3
13. Now, change the ownership of the newdir subdirectory and its contents so user1 is the owner.
    Solution: chown -R user1 ./newdir
14. Close the root subshell.
    Solution: To surrender root permissions and/or close a subshell, type the exit command.
15. Now, change the ownership of newfile2 so that user2 is the owner.
    Solution: chown user2 newfile2