Ownership and privileges (chown and sudo)

In a multi-user operating system like Linux, every resource has an owner and belongs to a specific group. Managing ownership and temporarily acquiring elevated privileges are key to system security.

Modifying Owner and Group: chown and chgrp

The chown (change owner) command allows you to change the owner user and/or group of a file or directory. Only the system administrator (root) or the current owner (with sufficient privileges) can make this change.

chown Syntax

The primary syntax of chown allows specifying the new owner and optionally the group separated by a colon ::

chown admin report.txt           # Changes owner to 'admin'
chown admin:staff report.txt     # Changes owner to 'admin' and group to 'staff'
chown :staff report.txt          # Changes group only to 'staff' (equivalent to chgrp)

The chgrp (change group) command is dedicated exclusively to changing the group owner of a file or directory:

chgrp developers script.sh       # Sets the file group to 'developers'

Superuser Privileges: sudo

In Linux, the administrative user is named root and has complete control over the system. For security reasons, you should never work continuously as root. Instead, you use the sudo (superuser do) command.

sudo allows an authorized user to execute a single command with root privileges (or another user's privileges):

sudo chown root:root private.key  # Changes owner to root by requesting elevated privileges

When you run a command with sudo, the system usually asks you to enter your current user's password (not root's) to confirm your identity and authorize the operation.

Try it yourself

Exercise 1: Change owner

Exercise 2: Change group owner

Exercise 3: Change owner and group with sudo