Master Linux File Permissions: chown, chgrp, and chmod Explained

Introduction

Linux is a multi‑user, multitasking OS. Each file or directory has three ownership classes—owner, group and others—each of which can be granted read (r), write (w) and execute (x) permissions.

File attributes displayed by ls -l

Running ls -al --full-time (or ll) prints seven columns for every entry:

Mode (10 characters): file type followed by rwx bits for owner, group and others.

Link count .

Owner name .

Group name .

Size in bytes.

Modification timestamp .

Name ; a leading dot marks a hidden file.

Changing the owner with chown

Location of user database

/etc/passwd

Only users listed in /etc/passwd can be assigned as owners.

Syntax

chown [-R] user file_or_dir

chown [-R] user:group file_or_dir

Use chgrp for group‑only changes.

Options

-R

– apply the change recursively to all files and sub‑directories.

Examples

chown daemon test

Set the owner of test to daemon. chown daemon:root test Set owner to daemon and group to root. chown root.users test Set owner to root and group to users. chown .root test Change only the group to root (dot syntax is accepted but colon is preferred to avoid ambiguity when usernames contain a dot).

Changing the group with chgrp

Location of group database

/etc/group

All existing groups are listed in this file.

Syntax

chgrp [-R] group file_or_dir

See man chgrp or chgrp --help for additional options.

Examples

chgrp -R users test

Recursively change the group of test and everything under it to users. If the group does not exist, an “invalid group” error is returned.

Changing permissions with chmod

Permissions are expressed as three bits (r, w, x) for each of the three ownership classes, yielding nine individual flags.

Symbolic mode

Use u, g, o (or a for all) to select the class, r, w, x for the permission, and +, -, = to add, remove or set the bits.

Setting permissions (=)

chmod u=rwx,g=rwx,o=rwx test

or

chmod a=rwx test

Removing the execute bit from a directory ( chmod a-x dir ) prevents users from cd into it.

Adding permissions (+)

chmod a+x test.sh

This makes test.sh executable.

Removing permissions (-)

chmod a-x test

Strips the execute flag from all classes.

Numeric (octal) mode

Each permission is assigned a value: read = 4, write = 2, execute = 1. The sum for each class forms a three‑digit octal number.

Examples

chmod 777 test      # rwx for owner, group, others

chmod 666 test      # rw‑ for all

chmod 755 test.sh   # rwx for owner, r-x for group and others

The numeric form is concise for common patterns.

Permission differences between files and directories

Files

readable – allows reading the file’s contents.

writable – allows modifying the file’s contents.

executable – allows executing the file as a program.

Write permission on a file does not permit deletion; deletion is governed by the write permission on the containing directory.

Directories

readable – permits listing the directory entries (e.g., ls).

writable – permits creating, renaming, moving or deleting entries within the directory.

executable – permits entering the directory with cd.

To browse a directory, at least r or x must be set. Accessing a file inside a directory requires both the directory’s execute bit and the file’s read bit.

Summary

Linux assigns read, write and execute bits separately to owner, group and others. Use chown to change the owner, chgrp to change the group, and chmod (symbolic or numeric) to modify permissions, thereby controlling access to files and directories.