Let's say I am the user Alice and I have a publicly accessible folder /samba/public The permissions of the public Samba folder (/samba/public/) are nobody:nogroup and 0777. When Alice tries to copy over something from her home folder to the shared public drive (e.g cp ~/Downloads/* /samba/public), Alice wants the newly copied files to be editable/deletable by all guests who have access to the public Samba share. I want the copied files to be owned by nobody:nogroup and set to 0777. Instead, what happens is that the newly copied files are owned by alice:alice and guest users on the public drive can't edit or delete the files. How can I ensure that future copy/move operations of content from Alice's home folder to the shared/public Samba folder will be owned by nobody:nogroup so that guest users aren't then prevented from deleting/editing the files themselves?

I have a folder, my-folder. From its parent directory, I first do: sudo chown -cR mat: my-folder If I then do: chmod -cR 600 my-folder, I get: chmod: cannot access 'my-folder/build.sh': Permission denied chmod: cannot access 'my-folder/vmdk': Permission denied chmod: cannot access 'my-folder/.git': Permission denied chmod: cannot access 'my-folder/run.sh': Permission denied chmod: cannot access 'my-folder/docker': Permission denied chmod: cannot access 'my-folder/.gitignore': Permission denied Am I not supposed to fully own this folder and its content? Notes: Running sudo chmod -cR 600 my-folder does not print anything. mat is what I get when I type whoami.

I've encountered multiple cases where new Linux users accidentally run a command equivalent to

sudo chown -R $USER:$USER /

which silently destroys permissions for the whole system. (Often this happens because they accidentally mounted the main hard drive in a folder when attempting to mount a USB drive. But sometimes a simple typo.) Obviously "don't be a noob" is the first answer. But I'm wondering if there's a package that provides a safer chown, i.e. it warns you if you're about to change ownership of /usr/bin and refuses to do it unless you do a --force or something. That seems like a much more sensible default behavior, so if it exists, I'd like to install it on my systems. Does anyone know of something like that? (I'm not looking for philosophical debates here -- obviously we can't protect against all sudo actions, but I think an "are you sure" is desirable before nuking a system.)

I recently experienced a Mass Email attack where someone "sniffed" my email and was using it as a "From:myemail@email.com" in the mass attack. I believe my email info get sniffed because I enabled IMAP, used SSL instead of TLS, among other things. But I also got lazy with root user in my dockerfile. I'm a data engineer and not a linux pro. I'm sharing a dockerfile that I'm extending from apache-airflow after running a build command. **Can you please help me do something other than "USER root" below? How can I make everything just the "myuser"?**

FROM apache/airflow:latest
COPY --chown=myuser:root requirements.txt /
USER root
RUN apt-get update
RUN apt-get install -y --no-install-recommends vim
RUN apt-get install libmysqlclient-dev
RUN apt-get autoremove -yqq --purge
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/*

USER myuser
ENV PYTHONPATH=/usr/local/bin/python:...
RUN export PATH=$PATH:$PYTHONPATH
RUN pip install --upgrade pip
RUN pip install --no-cache-dir -r /requirements.txt

I tried removing chown and starting with USER myuser instead of root, but I got a permission denied error when running the first RUN apt-get... commands.

I installed texlive as usual in /usr/local/texlive/2025. When installing I typed umask 0027 prior to each command (./configure, make...), hoping that the resulting files would have root as owner and me as group with the same rights to access, read and change the files. Nevertheless, when updating texlive (sudo tlmgr --self --all --no-auto-remove update), the owner becomes root, the group becomes root instead of ME, and I neither can use commands like luatex nor the .sty files etc., as they're owned by root. So, each time I update texlive via tlmgr I have to change owner and group manually for all files in \textlive\2025. What can I do to set owner=root and user=ME for all files newly created and changed with sudo tlmgr ... in the future?

I have a partition that's NFS-mounted from a Netapp SAN. I can create files in that partition, and I can chown those files to another user, any user, even root. How am I able to do so? I thought the kernel would prevent such a thing. I have done this again and again today, using multiple user IDs on the file. I cannot do this in /tmp or in my home directory, which is locally-mounted. I've never seen this behaviour before. Also, I note that setcap/getcap are not found on this machine. I have checked my shell's capabilities and they are all 0's: $ echo $$ 15007 $ cat /proc/15007/task/15007/status Name: bash State: S (sleeping) SleepAVG: 98% Tgid: 15007 Pid: 15007 PPid: 14988 TracerPid: 0 Uid: 71579 71579 71579 71579 Gid: 10000 10000 10000 10000 FDSize: 256 Groups: 9000 10000 10001 10013 10018 10420 24611 36021 ... CapInh: 0000000000000000 CapPrm: 0000000000000000 CapEff: 0000000000000000 I am on a Red Hat 5.3 virtual machine: $ cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.3 (Tikanga) Running an old kernel: $ uname -r 2.6.18-274.7.1.el5 The NFS mount uses defaults: $ cat /etc/fstab ... mynetapp00:/home /mnt/home nfs defaults 0 0 For user authentication, we're using Windows Active Directory with ldap on the Linux side: $ grep passwd /etc/nsswitch.conf passwd: files ldap I'm able to do anthing as sudo: User mikes may run the following commands on this host: (ALL) ALL because I'm one of the ADMINS (contents of /etc/sudoers): User_Alias ADMINS = fred, tom, mikes ADMINS ALL=(ALL) ALL ...But I don't know how that's germaine, because sudo isn't involved. In any event, I was able to create a file and give it my ownership as a user "john" who's not found in /etc/sudoers: # grep john /etc/sudoers # su - john $ touch /mnt/home/blah $ chown mikes /mnt/home/blah $ ls -l /mnt/home/blah -rwxrwxrwx 1 mikes DomainUsers 0 Oct 23 19:45 /mnt/home/blah ...and chown is not aliased (but we knew that, because if chown was an alias or some other program, then I would be able to change ownership in /tmp too): $ alias alias l.='ls -d .* --color=tty' alias ll='ls -l --color=tty' alias ls='ls --color=tty' alias vi='vim' alias which='alias | /usr/bin/which --tty-only --read-alias --show-dot --show-tilde' $ which chown /bin/chown P.S. I'm not kidding: $ id uid=71579(mikes) gid=10000(DomainUsers) $ touch /mnt/home/blah $ chown john /mnt/home/blah $ ls -l /mnt/home/blah -rwxrwxrwx 1 john DomainUsers 0 Oct 23 19:04 /mnt/home/blah $ id john uid=37554(john) gid=10000(DomainUsers) $ chmod 755 /mnt/home/blah chmod: changing permissions of `/mnt/home/blah': Operation not permitted $ rm /mnt/home/blah $ ls -l /mnt/home/blah ls: /mnt/home/blah: No such file or directory $ touch /tmp/blah $ chown john /tmp/blah chown: changing ownership of `/tmp/blah': Operation not permitted

I have up to terabytes of data (a large number of smaller files) that could contain wrong owner, group or permissions. To repair that we had a script doing

-sh
sudo -n chown -R user:group "/path"
sudo -n chmod -R a-rwx,u+rwX,g+rwX "/path"

But I wonder if the performance could be improved? What about running both in background and adding wait in the script? Is this a bad idea for chown and chmod? Do they interfere? What about using find instead? Is this faster and even correct this way (tests looked like this ain't even working, i.e. there is something wrong with the usage)?

-sh
sudo -n find "/path" -type f -exec chmod 660 {} + -exec chown user:group {} +
sudo -n find "/path" -type d -exec chmod 770 {} + -exec chown user:group {} +

What about running this in background and adding wait? Due to the type filter this shouldn't interfere, right? Could this even be improved by filtering for files only deviating from the target configuration? Maybe it's important to note that this script should be able to run on multiple platforms like Ubuntu (different versions) and Red Hat (different versions) and potentially different file systems, too.

I changed the permissions of a directory recursively but a few files are unchanged because they have an unknown owner and group:

sudo chmod -R g+r /home/user/.local/share/waydroid/data/
ls -l /home/user/.local/share/waydroid/data/data/android.ext.services/
ls: cannot access '/home/user/.local/share/waydroid/data/data/android.ext.services/cache': Permission denied
ls: cannot access '/home/user/.local/share/waydroid/data/data/android.ext.services/code_cache': Permission denied
total 0
d????????? ? ? ? ?            ? cache
d????????? ? ? ? ?            ? code_cache

rsync fails to read these files with unknown owners:

rsync: [sender] readlink_stat("/home/user/.local/share/waydroid/data/user_de/0/org.lineageos.overlay.accent.red/cache") failed: Permission denied (13)

I am having a problem utilizing a mounted drive on my Raspberry Pi 2B running Diet Pi.

dietpi@DietPi:/media/dietpi/Other$ sudo chmod 666 -R /media/dietpi
dietpi@DietPi:/media/dietpi/Other$ touch text.txt
touch: cannot touch 'text.txt': Permission denied
dietpi@DietPi:/media/dietpi/Other$

The media appears to be mounted correctly as I am able to read what is in the drive. **Other Steps Attempted**

sudo chown -R dietpi /media/dietpi

This returns numerous of the following error:

chown: changing owndership '/media/dietpi/: Operation not permitted

I want to assign file ownership in Linux. sudo chown (new owner) (file name?) What should I use for file name?

I was trying to install elastic search in Google Colab, and it seems that to run the service, you need to change the ownership to a user that is **not root**. I tried the chown command for this and then did an ls -l but don't see the ownership change. In fact, when I use the verbose option with chown I can see the logs showing the permission change from root:root to daemon:daemon. !chown -R -v daemon:daemon elasticsearch-8.15.0/ Following is a snippet of the output illustrating the above changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-preallocate-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-x-content-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-lz4-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-cli-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-simdvec-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-native-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-core-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-logging-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-secure-sm-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-geo-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-plugin-analysis-api-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-plugin-api-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-grok-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-tdigest-8.15.0.jar' from root:root to daemon:daemon But doing an ls -l still shows root as the owner and group. !ls -l elasticsearch-8.15.0/ total 2273 drwx------ 2 root root 4096 Aug 11 13:44 bin drwx------ 3 root root 4096 Aug 11 13:45 config drwx------ 8 root root 4096 Aug 5 10:11 jdk drwx------ 6 root root 4096 Aug 5 10:11 lib -rwx------ 1 root root 3860 Aug 5 10:04 LICENSE.txt drwx------ 2 root root 4096 Aug 5 10:07 logs drwx------ 83 root root 4096 Aug 5 10:12 modules -rwx------ 1 root root 2285006 Aug 5 10:07 NOTICE.txt drwx------ 2 root root 4096 Aug 5 10:07 plugins -rwx------ 1 root root 9111 Aug 5 10:04 README.asciidoc PS - Since this is a colab question as well as a linux question, I wasn't sure whether to ask this here or on the data science forum(https://datascience.stackexchange.com/questions/tagged/colab) . Please let me know if this is the wrong place.

What does the following command do? sudo chmod -R a=,a+rX,u+w,g+w /data I understand that it changes permissions, but what exactly and how?

I am setting up the directory permission of a fresh new linux Debian 12 server. I have added my user(uid=1000) to the www-data group. My commands are as below -

sudo chown -R 1000:www-data public_html/
sudo chmod -R g+s public_html/

But when I go to filezilla I see user www-data and not 1000 www-data Is there anyway I can show the ID and not name. Thanks in advance.

I have a folder under /mnt/ with **drwxrwxrwx** permissions and under root:root I then mount a USB drive (exFAT) to this folder and it becomes **drwxr-xr-x** The issue is that now I cannot scp to that folder via WinSCP since there is no permission for group to write to folder, and I am unable to scp as root user. I am mounting the drive via fstab with the following: /dev/sdb2 /mnt/USB exfat defaults,dmask=0000,umask=0000,rw 0 0 How do I either: 1) Give permission to group write or 2) Mount it as a non root user so that that user can write? ive attempted chown and chmod to no avail. Chown even when run as root returns **Operation not permitted** I am able to write to the mount as root user when in SSH (such as mkdir), so the mount is writable, but only by root.

Context : - Debian 12 system recovery trial after a btrfs file system corruption (roots tree) with no backup but access to all(?) the files. I made a copy of the system after the corruption, everything looks right. I made a fresh install of Debian 12. From here, I have rsynced the system, except /etc . For this last one, I have rsynced only missing files. - Now, I have to update smartly /etc. I want to use tools like meld to make it easier. But it does not work as root. So I made copies of previous and new /etc and chown -R user:user both from a LIVE DVD. When my new etc is updated, I want to restore files/directories ownership before replacing the whole /etc of the new install. The subject here is not my system restoration, but file ownership restoration from a copy of the tree that has the same files and right ownerships. ls -l provides ownership but not full paths. find provides full paths but not ownership. I have eventually found this solution: find previous_etc -exec sh -c 'chown -v --reference=$0 "new_etc${0#previous_etc}"' {} \; So, this is a self answered question. But if you have other methods, I am curious.

I have script that can be runned from different users on the same machine. This script should write logs to the same file on every run. Minimal version of script: #!/usr/bin/env bash # 2 touch /var/tmp/lll.log # 3 chmod 666 /var/tmp/lll.log # 4 (You can comment this line, but this will change nothing) echo ghghhghg >> /var/tmp/lll.log # 5 There is no problem when it started from root and then from other user, but error thrown when order is opposite. ./savetmp.sh: line 5: /var/tmp/lll.log: Permission denied Output of ls -ld /var/tmp /var/tmp/lll.log: .rw------- 9 armoken 1 May 10:52 /var/tmp/lll.log drwxrwxrwt - root 1 May 10:52 /var/tmp cat /proc/sys/fs/protected_regular: 1 How to fix that?

I have shell (php) script that gets in touch with target file this way: - inspects whether file and directory are writable with php 's is_writable() (I don't think that this is problem) - does in-place file edit with sed command: grep -q "$search" "$passwd_file" && { sed -i "s|$search|$replace|" "$passwd_file"; printf "Password changed!\n"; } || printf "Password not changed!\n" As a result I get (everything else correct but) file which was myuser:www-data to be myuser:myuser . Does sed changes file group ownership as it seems, and how do I avoid it, if possible?

Given,

touch /tmp/abc
ln -vs abc /tmp/def

$ ls -l /tmp/???
-rw-rw-r-- 1 ubuntu ubuntu 0 Apr 10 22:10 /tmp/abc
lrwxrwxrwx 1 ubuntu ubuntu 3 Apr 10 22:10 /tmp/def -> abc

Why I'm getting:

$ sudo chown syslog: /tmp/def
chown: cannot dereference '/tmp/def': Permission denied

$ sudo chown --dereference syslog: /tmp/def
chown: cannot dereference '/tmp/def': Permission denied

Ref: \ chown(1) : >--dereference

> affect the referent of each symbolic link (this is the default), rather than the symbolic link itself

$ lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04.6 LTS Release: 20.04 Codename: focal

This command:

sudo chown -R root:root directory

will remove the SUID bit and reset all capabilities for *files*. I wonder why it's done silently and it's not mentioned in the man page. Weirdly the GUID bit is not removed. And it doesn't matter who the file or directory belonged to prior to running this command. Also SUID/GUID bits are *not* removed for *directories* (thought they are useless in this case). Presumably it's done in the name of security but to me it must not be done silently. This gets even worse:

$ setcap cap_sys_rawio,cap_sys_nice=+ep test
$ getcap -v test 
test cap_sys_rawio,cap_sys_nice=ep

$ chown -c -v -R 0:0 .
ownership of './test' retained as root:root
ownership of '.' retained as root:root

$  getcap -v test 
test

The SUID bit for the test file is removed completely silently. It's as if the command is doing a lot more than requested.

I'm running a Xubuntu from a Windows 8 host. I can't change the owner of shared files from xubuntu by any sudo chown ... command. Is there any other way I can change the owner from the root to the user? I also have tried to mount the shared folder into home directory, still didn't change anything hooman@ubuntu:~/win/meteor$ ls -al total 20 drwxrwxrwx 1 root root 0 Dec 10 19:03 . drwxrwxrwx 1 root root 16384 Dec 11 18:30 .. drwxrwxrwx 1 root root 4096 Dec 10 19:03 simple-todos hooman@ubuntu:~/win/meteor$ **Edit:** after doing sudo chown: hooman@ubuntu:~/win/meteor$ ls -al total 20 drwxrwxrwx 1 root root 0 Dec 10 19:03 . drwxrwxrwx 1 root root 16384 Dec 11 18:30 .. drwxrwxrwx 1 root root 4096 Dec 10 19:03 simple-todos hooman@ubuntu:~/win/meteor$ sudo chown -v hooman simple-todos/ changed ownership of ‘simple-todos/’ from root to hooman hooman@ubuntu:~/win/meteor$ ls -al total 20 drwxrwxrwx 1 root root 0 Dec 10 19:03 . drwxrwxrwx 1 root root 16384 Dec 11 18:30 .. drwxrwxrwx 1 root root 4096 Dec 10 19:03 simple-todos