• Modern UX

    Edit and navigate faster in the terminal with Warp's IDE-like input editor.

  • Warp AI

    AI suggests what commands to run and learns from your documentation.

  • Agent Mode

    Delegate tasks to AI and use natural language on the command line.

  • Warp Drive

    Save and share interactive notebooks, workflows, and environment variables.

  • All Features

What Does sudo chown Do?

Thumbnail for Razvan LudosanuRazvan Ludosanu

Razvan Ludosanu

Founder, learnbackend.dev

Published: 1/31/2024

About Terminus

In Unix and Linux, each file and directory belong to a user and a group. To allow other users to read, write, or execute them, we can change their access rights—also called permissions—using the chmod command. Another way to achieve this consists in directly transferring their ownership to another user or group of users using the chown command. However, unlike chmod, the chown command is more sensitive and requires elevated privileges to be executed.

In this post, we’ll discuss why the chown command requires superuser privileges and what are the most common pitfalls to avoid when using it.

Executing the chown command as root with sudo chown

In Linux, regular users are not allowed to change the ownership of files or directories, even if they own them.

The main reason for this security mechanism is to prevent users from acquiring or giving away files they’re not supposed to, which could end up being harmful to the system or flagged as suspicious activity.

For example:

  • A user could bypass their assigned disk quota—which is the amount of space allotted to each user for file storage on a given computer—by creating a file in a directory only accessible by them, and transfer the ownership of this file to another user. This file would then count towards the disk quota of another user and not themselves.
  • A user could give away a file containing illegal or compromising data to another user, without leaving a trace of who originally created it.
  • A user could usurp the identity of another user and transfer the ownership of a private file to themselves.
  • A user could accidentally change the ownership of a binary required by the operating system, resulting in broken commands such as sudo.

Using the sudo command

To execute the chown command, a user will have to be registered on the list of sudoers, and temporarily gain elevated privileges through the use of the sudo command.

 $ sudo chown  

Run in Warp

Choosing a user for sudo chown <user>

When using sudo chown command, the user argument designates any user account registered on the system, which can be, for example, your own account (e.g. johndoe) or the root account.

Using user identifiers UIDs

One valid argument as <user> is a user identifier (UID). On Unix-like operating systems, each user is identified by a unique value called the UID. On most distributions, identifiers below 1000 are reserved for a special type of users called system users, which are in fact security identities used by system daemons.

Since the chown command allows you to either use symbolic names (e.g. foobar) or identifiers (e.g. 1001) to specify the user or group you want to transfer the ownership of a file to, you have to make sure not to mistake them with numeric permissions, such as the ones used with the chmod command.

For example, executing the following command will result in the target file being transferred to the user identified on the system by the UID 777.

 # This 777 refers to the user with UID 777
 # very different from the common chmod 777 command
 $ sudo chown 777 file

Run in Warp

Avoiding common pitfalls

The execution of the chown command is definitive and can be extremely harmful to the operating system if not used with caution. In this part, we’ll cover the most common pitfalls to avoid when using it.

Transferring ownership to the root user (sudo chown root)

Transferring the ownership of files and directories to the root user in order to restrict their access is usually discouraged. Instead, it is better to use the chmod command to change their permissions.

For example, transferring the home folder of a user to the root user, will result in this user being unable to access or operate on its files anymore.

 # DON’T RUN THIS
 $ sudo chown root:root /home/foobar

Run in Warp

Using the recursive flag (sudo chown -r)

The chown command has a handy but quite dangerous option flag -R, that allows you to recursively change the ownership of the entries contained in a specific directory.

 $ sudo chown -R <user> <file>

Run in Warp

This command is often combined with the whoami command–itself executed within a subshell using the command substitution syntax $(command) –which allows the transfer of the targeted entries onto the user you are currently logged in as.

 $ sudo chown -R $(whoami) file

Run in Warp

When using this flag, you have to be careful not to insert any undesirable spaces or typos in the path of the target directory, especially if your path starts at the root directory (/), as you might otherwise end up with a broken system. As a rule of thumb, it is usually discouraged to change the ownership of files that belong to the system or the root user.

For example, executing the following command will result in all the entries of the filesystem to be assigned to the foobar user, which will cause commands such as sudo to become unusable, thus preventing any user from gaining elevated privileges.

 # DON’T RUN THIS
 $ sudo chown -R foobar / var/www

Run in Warp

Written by

Thumbnail for Razvan LudosanuRazvan Ludosanu

Razvan Ludosanu

Founder, learnbackend.dev

Filed Under

Related Articles

List Open Ports in Linux

Learn how to output the list of open TCP and UDP ports in Linux, as well as their IP addresses and ports using the netstat command.

UnixLinux
Thumbnail for Razvan LudosanuRazvan Ludosanu

Count Files in Linux

Learn how to count files and folders contained in directories and subdirectories in Linux using the ls, find, and wc commands.

LinuxUnix
Thumbnail for Razvan LudosanuRazvan Ludosanu

How to Check the Size of Folders in Linux

Learn how to output the size of directories and subdirectories in a human-readable format in Linux and macOS using the du command.

LinuxUnix
Thumbnail for Razvan LudosanuRazvan Ludosanu

Linux Chmod Command

Understand how to use chmod to change the permissions of files and directories. See examples with various chmod options.

Linux
Thumbnail for Razvan LudosanuRazvan Ludosanu

POST JSON Data With Curl

How to send valid HTTP POST requests with JSON data payloads using the curl command and how to avoid common syntax pitfalls. Also, how to solve the HTTP 405 error code.

BashUnixLinux
Thumbnail for Neeran GulNeeran Gul

Format Command Output In Linux

Learn how to filter and format the content of files and the output of commands in Linux using the awk command.

Linux

Create Groups In Linux

Learn how to manually and automatically create and list groups in Linux.

Linux

Switch Users In Linux

Learn how to switch between users, log in as another user, and execute commands as another user in Linux.

Linux

Remover Users in Linux

Learn how to remove local and remote user accounts and associated groups and files in Linux using the userdel and deluser commands.

Linux

Delete Files In Linux

Learn how to selectively delete files in Linux based on patterns and properties using the rm command.

Linux

Find Files In Linux

Learn how to find and filter files in Linux by owner, size, date, type and content using the find command.

Linux

Copy Files In Linux

Learn how to safely and recursively copy one or more files locally and remotely in Linux using the cp and scp command.

Linux

Trusted by hundreds of thousands of professional developers

Download Warp to get started

Download for Mac
Thumbnail for null