change file owner and group
chown sets the user ID and/or the group ID
of the specified files.
The options are as follows:
- If the
-Roption is specified, symbolic links on the command line are followed. Symbolic links encountered in the tree traversal are not followed.
- Treat symbolic links like other files: modify links instead of following
-Roptions are mutually exclusive.
- If the
-Roption is specified, all symbolic links are followed.
- If the
-Roption is specified, no symbolic links are followed.
- Recurse. Where file is a directory, change the user ID and/or the group ID of the directory and all the files and directories in the file hierarchy below it.
-P options are ignored unless the
-R option is specified; if none of them are given,
the default is to not follow symbolic links. In addition, these options
override each other and the command's actions are determined by the last one
The owner and group operands are both optional; however, one must be specified. If the group operand is specified, it must be preceded by a colon (‘:’) character.
The owner may be either a numeric user ID or a user name. If a user name is also a numeric user ID, the operand is used as a user name. The group may be either a numeric group ID or a group name. If a group name is also a numeric group ID, the operand is used as a group name.
chown clears the set-user-ID
and set-group-ID bits on the file to prevent accidental or mischievous
creation of set-user-ID and set-group-ID programs. This behaviour can be
overridden by setting the
sysctl(8) variable fs.posix.setuid to zero.
Only the superuser is permitted to change the owner of a file.
chown utility exits 0 on
success, and >0 if an error occurs.
chgrp(1), find(1), chown(2), fts(3), symlink(7)
chown utility is compliant with the
IEEE Std 1003.1-2008 (“POSIX.1”)
The ability to specify group without owner is an extension to that specification.
Some non-BSD systems may allow the (non-privileged) owner of a file to change its ownership.
Previous versions of the
used the dot (‘.’) character to distinguish the group name.
This was changed when the utility was first standardised in
IEEE Std 1003.2-1992 (“POSIX.2”) to be
a colon (‘:’) character to allow user and group names to
contain the dot character, though the dot separator still remains supported
due to widely required backwards compatibility.