I am using Linux Mint and my workmates are using Windows. We've got a local, shared server (also Linux) for documentation files and a weird thing happened yesterday: a windows user created a file (.odm) and after I changed it, the ownership of the file changed to me and all the other users, including the one who created it, had permission only to read it, although, initially (before I edited it) everyone could read, write and execute. I don't know what information I need to give to make context clearer, but I'd like to understand how that happened. I mean, it seems very weird for a different user to be able to change permissions and ownership of a shared server's file. The server is running samba, and all the clients are using that to access the files.

I have a particular use case, where I want to extract a tar archive (as root) and intentionally overwrite some destination file(s) with the contents of the archive. This is all fine and easily achievable, but I also want to retain the original ownership and permissions of the original destination file(s). As an example:

$ touch file && tar cf test.tar.gz file &&
  sudo chown www-data:www-data file &&
  sudo tar xf test.tar.gz && ls -l file
-rw-r--r-- 1 tim tim 0 May  1 11:26 file

Here I create a file as my user (tim:tim), archive it, change its ownership to www-data:www-data, then (as root) extract the archive, overwriting the original file. As you can see, its ownership has been modified to that of the file in its pre-archived state, whereas post-extraction, I want it to be owned by www-data:www-data. I've had a fairly close look at the tar man page, but can't see an immediately obvious way to do what I want. Am I missing anything?

I have a ZFS filesystem on an external drive, but the user ID of my accounts don't match between computers. Is there a way to map the UID when mounting (without actually changing it on the filesystem) so that files which are owned by, for example, uid 501, appear as owned by uid 1000? Ideally there's a method that can do this directly, without resorting to bind mounts or overlay filesystems. I've read that linux supports this functionality natively since 5.12 , and that it even should be possible to map IDs in a way that is transparent to the filesystem driver itself, but I can't figure out how to achieve this on the command line. I'm running Fedora 42 with linux kernel version 6.15.4-200 and zfs release 2.3.3-1 from the zfsonlinux.org fedora repository. --- The ID-mapped mount functionality now seems to exist in the mount(8) command as the option **--map-users** _id-mount_:_id-host_:_id-range_. Using an OpenZSH internal option to ignore errors when using the regular "mount" command (as opposed to zfs mount), I've tried:

sudo mount -tzfs -o zfsutil --map-users 1000:501:1 mypool/myfiles /mnt/mypool/myfiles

But this did not seem to map anything.

I installed texlive as usual in /usr/local/texlive/2025. When installing I typed umask 0027 prior to each command (./configure, make...), hoping that the resulting files would have root as owner and me as group with the same rights to access, read and change the files. Nevertheless, when updating texlive (sudo tlmgr --self --all --no-auto-remove update), the owner becomes root, the group becomes root instead of ME, and I neither can use commands like luatex nor the .sty files etc., as they're owned by root. So, each time I update texlive via tlmgr I have to change owner and group manually for all files in \textlive\2025. What can I do to set owner=root and user=ME for all files newly created and changed with sudo tlmgr ... in the future?

In [_Classic Shell Scripting_ from O'Reilly](https://learning.oreilly.com/library/view/classic-shell-scripting/0596005954/) , Arnold Robbins and Nelson H.F. Beebe write the follwing, > If a filesystem with user smith attached to user ID 100 were mounted on, or imported to, a filesystem with user ID 100 assigned to user jones, then jones would have full access to smith's files. This would be true even if another user named smith exists on the target system. and I'm not sure I really understand the implications of this, honestly. Does it mean that if I have a flashdrive, I mount it, and I cp on it a file which myself have created on my system, then that flashdrive can be umounted, mounted on antoher system with a user name myself (maybe created ad-hoc for the purpose), then that user has the access I had on my system to that file? --- Now that I wrote it, I start thinking there's nothing strange with it, in the sense that the file was not encrypted or anything, and myself cping a file on a flashdrive does mean that I'm trying to share it, so there's nothing wrong/unsafe in it becoming readable elsewhere. Am I missing something?

I changed the permissions of a directory recursively but a few files are unchanged because they have an unknown owner and group:

sudo chmod -R g+r /home/user/.local/share/waydroid/data/
ls -l /home/user/.local/share/waydroid/data/data/android.ext.services/
ls: cannot access '/home/user/.local/share/waydroid/data/data/android.ext.services/cache': Permission denied
ls: cannot access '/home/user/.local/share/waydroid/data/data/android.ext.services/code_cache': Permission denied
total 0
d????????? ? ? ? ?            ? cache
d????????? ? ? ? ?            ? code_cache

rsync fails to read these files with unknown owners:

rsync: [sender] readlink_stat("/home/user/.local/share/waydroid/data/user_de/0/org.lineageos.overlay.accent.red/cache") failed: Permission denied (13)

My question might look silly because I'm coming from a Windows / NTFS background. We have a linux filesystem shared across several people. The tree looks like this:

- /data
  |- shared
     |- Alice
     |- Bob

We have set up the permissions on the shared folder with the following permissions drwxrwsr-x and ownership as head_of_department:department. We noticed that, over time, the permissions got changed. Unfortunately, I cannot seem to find resources on this specific topic on the web. Is there a way we can _lock_ the permissions to the ones we want? Or should we have some cron job that resets the permissions periodically?

I want to assign file ownership in Linux. sudo chown (new owner) (file name?) What should I use for file name?

I've setup restricted shell(s) on an Arch-based system by creating /usr/local/bin/rzsh and /usr/local/bin/rbash: these scripts cd into /home/$USER and then invoke zsh -r and bash -r respectively, but I would like users in the restricted shells to be able to cd into directories the user(s) explicitly own (such as sub-directories of their home) but not necessarily everything they have read access to. - The context is a user that runs https://code.visualstudio.com/docs/remote/vscode-server - clients have terminal access and must be able to move between repositories, and execute some scripts that act upon repositories - However, I *do not* want users to have access to cd into or read files in system directories Is this possible with a restricted shell, and if not, can you recommend an approach to achieve a similar level of restriction?

I'd like to know if the following scenario will update permissions, ownership, timestamps etc. Say I transfer a folder from a destination to another using rsync -zr source/ dest/, and then use the command rsync -auzr source/ dest/ - will the latter command then update the permissions, ownership, and timestamps or will I have re-transfer all the files again?

I was trying to install elastic search in Google Colab, and it seems that to run the service, you need to change the ownership to a user that is **not root**. I tried the chown command for this and then did an ls -l but don't see the ownership change. In fact, when I use the verbose option with chown I can see the logs showing the permission change from root:root to daemon:daemon. !chown -R -v daemon:daemon elasticsearch-8.15.0/ Following is a snippet of the output illustrating the above changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-preallocate-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-x-content-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-lz4-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-cli-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-simdvec-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-native-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-core-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-logging-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-secure-sm-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-geo-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-plugin-analysis-api-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-plugin-api-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-grok-8.15.0.jar' from root:root to daemon:daemon changed ownership of 'elasticsearch-8.15.0/lib/elasticsearch-tdigest-8.15.0.jar' from root:root to daemon:daemon But doing an ls -l still shows root as the owner and group. !ls -l elasticsearch-8.15.0/ total 2273 drwx------ 2 root root 4096 Aug 11 13:44 bin drwx------ 3 root root 4096 Aug 11 13:45 config drwx------ 8 root root 4096 Aug 5 10:11 jdk drwx------ 6 root root 4096 Aug 5 10:11 lib -rwx------ 1 root root 3860 Aug 5 10:04 LICENSE.txt drwx------ 2 root root 4096 Aug 5 10:07 logs drwx------ 83 root root 4096 Aug 5 10:12 modules -rwx------ 1 root root 2285006 Aug 5 10:07 NOTICE.txt drwx------ 2 root root 4096 Aug 5 10:07 plugins -rwx------ 1 root root 9111 Aug 5 10:04 README.asciidoc PS - Since this is a colab question as well as a linux question, I wasn't sure whether to ask this here or on the data science forum(https://datascience.stackexchange.com/questions/tagged/colab) . Please let me know if this is the wrong place.

I am setting up the directory permission of a fresh new linux Debian 12 server. I have added my user(uid=1000) to the www-data group. My commands are as below -

sudo chown -R 1000:www-data public_html/
sudo chmod -R g+s public_html/

But when I go to filezilla I see user www-data and not 1000 www-data Is there anyway I can show the ID and not name. Thanks in advance.

Background: I'm trying to share a folder between two users on the same machine . The normal way would be to have the two users in the same group set the parent folder to that group with rw and the s bit set. That works great. **Except** .... the folder I am trying to share is one used by Chromium. **When Chromium launches it writes some session files with only owner rw (i.e 600) permission ignroing the s bit. I guess some misbehaved programs can do that.** That means when the other user tries later to open that same chromimum profile they can't set those sessions files cause they already exist with the owner only rw of the other user. :( I gave bindfs a try but that requires sudo at login and thus I have to use a sudoers.d file if I want to get that set up non-interactive at login. Anway I gave ACL a try and am not grokking some aspect because it's not working like I think it should.

# user1: syadmin
# user2: david
# directory: /opt/stest
# user1 sysadmin is logged in.

# sysadmin owns /opt/stest
$ llag stest
drwxrwsr-x+  2 sysadmin users    4096 Feb  3 13:45 stest/

$getfacl stest
# file: stest
# owner: sysadmin
# group: sysadmin
user::rwx
group::rwx
other::r-x

# now run
setfacl -R -m u:david:rwX /opt/stest
setfacl -dR -m u:david:rwX /opt/stest

# gives
user:david:rwx
default:user:david:rwx

#now create a file as other user
$ su david -c "touch /opt/stest/test"
-rw-rw-r--+  1 david    users    0 Feb  3 13:51 test

#set with owner only rw like how chromium does
-rw-------+  1 david    users    0 Feb  3 13:51 test

$ getfacl test
# file: test
# owner: david
# group: users
user::rw-
user:david:rwx			#effective:---
group::rwx			#effective:---
mask::---
other::---

So this is the part I'm not getting. Why is the "non-acl" owner of the file test david

# file: test
# owner: david

instead of sysadmin given sysadmin owns the directory. Bascially I thought that setfacl would always give access to the directory owner. It seems as though even if the acl entry was made by sysadmin sysdamin must be manually added to any file created by another allowed user or it can get locked out of its own files. That was not intuitive for me. Is that what i need to do? Do I need to run inotify wait on the directory and then add sysamdin to the acl list if another user creates a file. What is the best solution to my situation ACL or otherwise. I am running ubuntu 20.04 with kernel 5.4.0-65- **--two days later** I tried another tack. I added both users to the file and default acl list using sudo. Then I logged out and into the other user. Then did a getfacl on one of the offending files. You see both users listed but under effective there is nothing instead of rw. Arrgh. Still the current user sysadmin can't access the file created by david. **Why is effective not showing rw???** -rw-------+ 1 david david 125146 Feb 6 09:12 Preferences

getfacl Preferences 
# file: Preferences
# owner: david
# group: david
user::rw-
user:sysadmin:rwx		#effective:---
user:david:rwx			#effective:---
group::rwx			#effective:---
group:users:rwx			#effective:---
mask::---
other::---

I have script that can be runned from different users on the same machine. This script should write logs to the same file on every run. Minimal version of script: #!/usr/bin/env bash # 2 touch /var/tmp/lll.log # 3 chmod 666 /var/tmp/lll.log # 4 (You can comment this line, but this will change nothing) echo ghghhghg >> /var/tmp/lll.log # 5 There is no problem when it started from root and then from other user, but error thrown when order is opposite. ./savetmp.sh: line 5: /var/tmp/lll.log: Permission denied Output of ls -ld /var/tmp /var/tmp/lll.log: .rw------- 9 armoken 1 May 10:52 /var/tmp/lll.log drwxrwxrwt - root 1 May 10:52 /var/tmp cat /proc/sys/fs/protected_regular: 1 How to fix that?

I have a prompt that asks me to delete all the files in a directory that the owner (u) can't r, w, nor x, in one command. I tried this command:

find data -type f ! -perm -u=rwx -exec rm -f {} \;

... but I think it removes too many files.

I copied some files to HFS+, using macOS, ensuring that it was copied exactly. On macOS these copied files have 501 as owner according to ls -han. I then plug in the HFS+ usb stick into Ubuntu, and there the files have 1000 as owner according to ls -han. Why? I then tried copying one of the 501 owned files in Ubuntu (to the same HFS+ volume), ensuring that it was copied exactly using cp -a. Now macOS ls sees the new file as owned by user 1000... Really? I don't understand — what was the point of using cp with the -a option if it doesn't even preserve the owner's user id? What did I miss? **Update:** To clarify, I think my confusion here stems from that — in my mind — HFS supports Unix file permissions natively and should "just work" with them. --- I recently learned that cps preserve=timestamps does not, in fact, preserve time stamps (creation dates are reset). Am I now to believe that its preserve=ownership does not preserve ownership?

I have read about a bazillion posts about how to set up web server ownership, directory, and file permissions. I have heard use root. Don't use root, use www-data. Don't use that, use a different user for each website. Yada, yada, yada. I decided to use root instead of www-data. I know the risks. I limit them by only allowing shell access from my IP and I have a password that would take a long time to break. I do more things but that isn't the question here. I want to show you my present tree structure. All of my hosted domains use a similar format. I'll ask a question in just a moment, but take a look:

├── [drwxr-xr-x www-data www-data]  www.website.com
│   ├── [drwxr-xr-x root     root    ]  css
│   │   ├── [drwxr-xr-x root     root    ]  font

Everything under the domain is at root ownership. What puzzles me is the www-data ownership of the folder. Questions: Can the domain line permissions allow someone to override the root ownership of files below that line? Should the domain line be set to root root?

Today, I have accidentally noticed that the following directories of the / are **owned by user**, rather than root: - /home - /lost+found - /media - /mnt - /opt - /snap - /srv - /swapfile - /var I have no idea how that could happen. It seems only logical that some of them with the obvious exception of /home should be owned by root. If so, which ones? On the other hand, the Lubuntu 20.04 x64 system and installed software run both normally. I do not face any troubles at the moment. Should I follow the _"If it is not broken, don't fix it"_ approach?

Why I cannot change the ownership on mounting ntfs drive? I give uid=1000,gid=1000, etc in my /etc/fstab file, but found it is not working. So I'm testing it out on command line:

root@host:~# mount | grep /mnt/tmp1 | wc
      0       0       0

root@host:~# mount -o uid=1000 /dev/nvme0n1p4 /mnt/tmp1/

root@host:~# mount | grep /mnt/tmp1
/dev/nvme0n1p4 on /mnt/tmp1 type fuseblk (rw,relatime,user_id=0,group_id=0,default_permissions,allow_other,blksize=4096)

root@host:~# umount /mnt/tmp1

root@host:~# mount -o user_id=1000 /dev/nvme0n1p4 /mnt/tmp1/

root@host:~# mount | grep /mnt/tmp1
/dev/nvme0n1p4 on /mnt/tmp1 type fuseblk (rw,relatime,user_id=0,group_id=0,allow_other,blksize=4096)

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 21.10
Release:        21.10
Codename:       impish

$ apt-cache policy mount
mount:
  Installed: 2.36.1-8ubuntu1
  Candidate: 2.36.1-8ubuntu2
  Version table:
     2.36.1-8ubuntu2 500
        500 http://archive.ubuntu.com/ubuntu  impish-updates/main amd64 Packages
 *** 2.36.1-8ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu  impish/main amd64 Packages
        100 /var/lib/dpkg/status

Am I missing something? Why I cannot change the ownership on mounting ntfs drive?

I am getting this error from git:

fatal: detected dubious ownership in repository at '/run/media/marcel/Хранилище/Dev/Desktop/SimpleAccent'
To add an exception for this directory, call:

        git config --global --add safe.directory '/run/media/marcel/Хранилище/Dev/Desktop/SimpleAccent'

Here's the ls -la for my directory:

drwxrwxrwx. 1 root root 4096 июл 30 18:05 ./
drwxrwxrwx. 1 root root 4096 мая 25 10:57 ../
drwxrwxrwx. 1 root root    0 июн 14 19:03 config/
drwxrwxrwx. 1 root root 4096 июн 15 16:55 .git/
-rwxrwxrwx. 1 root root 3115 июн 16 15:53 .gitignore*
drwxrwxrwx. 1 root root 4096 июл 30 18:11 .idea/
drwxrwxrwx. 1 root root 4096 июн 15 16:46 lib/
-rwxrwxrwx. 1 root root 1065 мая 25 11:22 LICENSE*
drwxrwxrwx. 1 root root    0 июл 28 12:27 logs/
-rwxrwxrwx. 1 root root    0 июл 28 12:53 nohup.out*
drwxrwxrwx. 1 root root    0 мая 28 12:18 platform/
-rwxrwxrwx. 1 root root 1436 июл 15 13:50 README.md*
drwxrwxrwx. 1 root root    0 июл 28 12:27 scripts/
drwxrwxrwx. 1 root root    0 июн 16 20:06 setup/
-rwxrwxrwx. 1 root root 2620 июл 30 18:05 simpleaccent.py*
drwxrwxrwx. 1 root root 4096 июн 15 14:08 _util/
drwxrwxrwx. 1 root root    0 июн 14 19:46 .vscode/

They are all root, my user is marcel. I do sudo chown -R marcel:marcel . while in the directory, but the owner is still root. I try sudo chown -R marcel . ; sudo chgrp -R marcel ., but it's none the better. How to make chown work? #### Specs, if that could matter

marcel@fedora 
------------- 
OS: Fedora Linux 38 (KDE Plasma) x86_64 
Host: MS-7D18 2.0 
Kernel: 6.4.4-200.fc38.x86_64 
Uptime: 46 mins 
Packages: 2015 (rpm), 13 (flatpak) 
Shell: bash 5.2.15 
Resolution: 1920x1080 
DE: Plasma 5.27.6 
WM: kwin 
Theme: [Plasma], Breeze [GTK2/3] 
Icons: [Plasma], breeze-dark [GTK2/3] 
Terminal: tmux 
CPU: 11th Gen Intel i5-11400 (12) @ 4.400GHz 
GPU: NVIDIA GeForce RTX 3060 Lite Hash Rate 
Memory: 5712MiB / 15875MiB