You can use ‘chmod’ command to change file permission in Linux and the ‘chown` command to change ownership. Managing file permissions and changing ownership in Linux are essential tools for preventing permissions issues, like unauthorized access or accidental file modification, especially if you have a VPS or dedicated server.   

In this blog, we’ll walk you through how to change file permissions and ownership in Linux using the command line. 

Before that, let’s understand why file permissions and ownership are changed in Linux-based operating systems. 

Why Change Permissions and Ownership in Linux? 

1. Enhance Security  

Improper permissions can lead to unauthorized access. For instance, granting everyone access to sensitive files like SSH keys or firewall configurations can expose your system to attacks. Therefore, managing Linux permissions ensures only the right users can make changes. 

2. Control Access  

Limiting access to critical files helps you track user activities and audit unauthorized actions. This is especially important in multi-user environments. 

3. Maintain Confidentiality 

Managing ownership ensures that data is visible only to the appropriate users. For example, restricting access to customer data improves data privacy. 

4. Prevent Permissions Issues in Linux 

Misconfigured permissions can cause errors or downtime. For instance, scripts may fail if they don’t have the necessary execution permissions. Thus, setting permissions can prevent such problems. 

Understanding the Basics of File Permissions and Ownership in Linux 

 In Linux, every file and directory has three levels of permissions: 

  1. Read (r): Allows users to view a file’s content or list a directory’s contents.   
  2. Write (w): Let users edit a file or add/delete files in a directory.   
  3. Execute (x): Enables users to run a file as a program or access a directory. 

 And permissions are assigned to three user classes:

  1. Owner: The user who owns the file.   
  2. Group: A set of users who share the same permissions.   
  3. Others: All other users on the system.

For example, a file permission string like `-rwxrw-r–` means: 

  1. The owner can read, write, and execute the file.   
  2. The group can read and write.   
  3. Others can only read the file. 

How to Check the Current File Permissions and Ownership in Linux  

Before making changes in Linux, it’s important to check current permissions and ownership. You can check the current permissions of files and subfolders in Linux by navigating to the directory of interest using the cd command. Once there, you can use the ‘ls’ command with the ‘-l’ option to list the contents of the directory, along with detailed information about each file or folder.  

Here’s the basic command to identify the permission and ownership of a file:  

‘ls -l’ 

Here’s an example for better understanding:  

‘drwxrwxrwx 2 user2 admins 4096 Aug 12 06:13 config’ 

This output provides several pieces of information about the file or folder. Let’s break it down column by column: 

1. drwxrwxrwx 

It represents the file or folder’s permissions. The first character indicates whether it’s a directory (d) or a file (-). The next nine characters are divided into three groups of three: 

  • First group (rwx): Permissions are given to the owner  
  • Second group (rwx): Permissions for the group  
  • Third group (rwx): Permissions for others  

And Each position represents:  

  • r: Read  
  • w: Write  
  • x: Execute 

 2. 2 

  • The number of hard links or aliases pointing to the file or directory.  3.

3. user2

The owner of the file. Only this user has permissions defined under the “owner” section. 

4. admins

The group associated with the file. All users in this group have permissions defined under the “group” section. 

5. 4096

The size of the file or folder is measured in bytes. For directories, this often represents metadata. 

6. Aug 12 06:13  

 The last modification date and time of the file or directory. 

7. config

The name of the file or folder. 

By interpreting this output, you can quickly identify your files or folders’ current permissions, ownership, and other details. 

How to Change File Permission in Linux Using ‘Chmod’ Command 

You can use the ‘chmod’ command to modify file permissions in Linux. This command allows you to adjust who can read, write, or execute a file or folder.  

Here’s a Basic Syntax used for changing file permission:  

‘chmod [option] [mode] [file_folder_name]’

  1. [option]: Adjusts the behavior of the chmod command.  
  2. [mode]: Defines the permissions you want to set.  
  3. [file_folder_name]: Specifies the file or folder to modify.  

Setting File Permissions with Symbolic Notation  

The symbolic mode is an easy-to-understand method to define permissions. It uses letters to represent user categories and permission types.  

Here’s an example to better understand symbolic notation: ‘chmod u+wx,g-x,o=r script.sh’ 

  1. Grants write (w) and execute (x) permissions to the file owner (u).  
  2. Removes execute (x) permission for the group (g).  
  3. Sets read-only (r) permissions for others (o). 

Setting Permissions with Octal Notation  

Octal mode is another method to define Linux permissions. It uses numeric values to represent permissions: 

Here’s How it Works:  

  1. Combine numbers to set multiple permissions (e.g., 4 + 2 = 6 for read and write).  
  2. Use a three-digit format to assign permissions to the owner, group, and others.  

 Here’s an example for better understanding: ‘chmod 770 script.sh’  

  1. Grants full read (r), write (w), and execute (x) permissions to the owner and group (7 each).  
  2. Revokes all permissions for others (0). 

Recursive Permissions  

Use the recursive ‘- R’ option to modify permissions for all files and subfolders within a directory. 

Example: ‘chmod -R 777 /etc/script’ 

This command allows all users to read, write, and execute permissions for the /etc/script directory and its contents. Be cautious when using 777, as it can expose sensitive files to unauthorized users. 

How to Change Ownership in Linux Using ‘chown’ Command  

The ‘chown’ (change ownership) command lets you modify the owner and group of a file. 

  1. You can change the owner using this command: ‘chown newowner myfile.txt
  2. You can change the group using this command: ‘chown :newgroup myfile.txt
  3. You can change both owner and group at once using this command: ‘chown newowner:newgroup myfile.txt
  4. To apply ownership changes to all files and subdirectories within a folder, use the -R option:

‘chown -R newowner:newgroup /path/to/directory’ 

Best Practices for Managing Permissions and Ownership 

  1. Follow the Principle of Least Privilege (PoLP), which grants the minimum permissions needed for a task. This means you only have root access to the server.  
  2. Be cautious with `-R` in `chmod` or `chown`, as it applies changes to all files and subdirectories. Double-check your commands to avoid mistakes. 
  3. Instead of assigning permissions to individual users, create groups for specific roles and assign permissions at the group level. 
  4. Maintain logs of permission changes to simplify troubleshooting. 

Conclusion 

Understanding and managing file permissions in Linux and ownership in Linux is essential for maintaining a secure and efficient system. The ‘chmod’ and ‘chown’ commands provide powerful tools to control access and prevent permissions issues in Linux.  

Still confused or want to share your thoughts? Leave a comment below!