命令行大全

chown

瑞兹 发表于 2021-01-07 13:41浏览次数:

在类似Unix的操作系统上,chown命令更改文件系统中文件和目录的所有权。

查看英文版

目录:

1 chown 运行系统环境

2 chown 描述

3 chown 语法

4 chown 例子

chown 运行系统环境

Unix&Linux

chown 描述

什么是文件“所有权”?

Linux被设计为支持大量用户。因此,它需要仔细跟踪允许谁访问文件以及他们如何访问文件。这些访问规则称为权限。

文件权限分为三种主要类型:

  • User权限。这些权限适用于对文件具有特殊访问权限的单个用户。该用户称为owner
  • Group权限。这些适用于有权访问文件的单个用户组。该组是owning group
  • Other权限。这些适用于系统上的所有其他用户。这些用户被称为othersthe world

创建文件时,文件的所有者是创建文件的用户,拥有组是用户的当前组。

chown可以将这些值更改为其他值。

What is file "ownership"?

Linux is designed to support a large number of users. Because of this, it needs to keep careful track of who is allowed to access a file, and how they can access it. These access rules are called permissions.

There are three major types of file permissions:

  • User permissions. These permissions apply to a single user who has special access to the file. This user is called the owner.
  • Group permissions. These apply to a single group of users who have access to the file. This group is the owning group.
  • Other permissions. These apply to every other user on the system. These users are known as others, or the world.

When a file is created, its owner is the user who created it, and the owning group is the user's current group.

chown can change these values to something else.

查看英文版

查看中文版

chown 语法

chown [-c|--changes] [-v|--verbose] [-f|--silent|--quiet] [--dereference]
      [-h|--no-dereference] [--preserve-root]
      [--from=currentowner:currentgroup] [--no-preserve-root]
      [-R|--recursive] [--preserve-root] [-H] [-L] [-P]
      {new-owner|--reference=ref-file} file ...
chown --help
chown --version

指定新所有者

文件新所有权由参数 new-owner指定,它采用以下一般形式:

[user[ group]]

具体来说,有五种格式化新所有者的方法

new-ownerform Description
user 拥有文件的用户名。在这种形式中,省略了冒号(“  ”)和。所属组未更改。
user:group 拥有文件的用户,以冒号分隔,中间没有空格。
group 拥有文件的组。在这种形式下,用户被省略,并且必须在冒号之前。
user 如果省略group,但冒号跟随user,则所有者更改为user,而拥有组更改为user的登录组。
可以指定不包含用户的冒号,但是所有权不会更改。该表格不会引起错误,但不会改变任何内容。

使用注意事项

  • 用户可以通过名称或数字指定。
  • 只有root可以更改文件的所有者。所有者不能转让所有权,除非所有者是root或使用sudo运行命令。
  • 如果文件的所有者属于该组,则文件的所有者可以更改该文件的所有者组。可以通过根将文件的拥有组更改为任何组。所有者以外的所有者组的成员不能更改文件的所有者组。
  • 也可以使用chgrp命令来更改所属组。chgrpchown使用相同的系统调用,并且在功能上相同。
  • 某些其他文件操作只能由所有者或root用户执行。例如,只有所有者或root用户可以使用touch命令手动更改文件的“ atime”或“ mtime”(访问时间或修改时间)。
  • 由于这些限制,您几乎总是希望以root或sudo的身份运行chown

选件

选项 描述
-c,--changes
--verbose模式类似,但仅显示有关实际更改的文件的信息。例如:


changed ownership of 'dir/dir1/file1' from hope:neil to hope:hope
-v,--
verbose
显示每个已处理文件的详细信息。例如:


changed ownership of 'dir/dir1/file1' from hope:neil to hope:hopeownership of 'dir/dir1' retained as hope:hope
-f,--
silent,--
quiet
静音模式。不显示输出。
--dereference 取消引用所有符号链接。如果文件是符号链接,则更改引用文件的所有者,而不是符号链接本身。这是默认行为。
-h,--
no-dereference
切勿取消引用符号链接。如果文件是符号链接,请更改符号链接的所有者而不是引用的文件。
--from = currentowner currentgroup 仅当每个文件的当前所有者或组与currentowner和/或currentgroup匹配时,才更改其所有者或组。可以省略任何一种,在这种情况下,其他属性不需要匹配。
--no-preserve-root 不要以任何特殊方式处理/(根目录)。这是默认行为。如果命令中先前指定了--preserve-root选项,则此选项将取消它。
--reference =ref-file 使用文件ref-file的所有者和组,而不是使用new-owner指定所有权。
-R,--recursive
递归地操作文件和目录。输入每个匹配的目录,然后对其所有内容进行操作。

选件

以下选项修改了在指定-R--recursive选项时如何遍历层次结构。

选项 描述
--preserve-root 切勿在根目录/上递归操作。

如果未指定--recursive,则此选项无效。
-H 如果在命令行上指定的文件是指向目录的符号链接,请遍历该文件并在这些文件和目录上进行操作。
-L 遍历到目录的所有符号链接。
-P 请勿遍历任何符号链接;对符号链接本身进行操作。这是默认行为。

如果指定了-H-L-P中的多个,则只有最后一个选项才生效。

选件

这些选项显示有关程序的信息,不能与其他选项或参数一起使用。

选项 描述
--help 显示简短的帮助消息并退出。
--version 显示版本信息并退出。

退出状态

chown退出,状态为0表示成功。其他数字表示操作失败。

为什么要更改文件的所有权?

要将文件的用户或组权限应用于其他用户或组时,应使用chown

假设情景

以下是一些可能使用chown的示例:

  • 您可以使用sudo或以root用户身份登录来创建文件myfile.txt,因此该文件归root用户所有。但是,您打算让常规用户帐户myuser使用该文件。使用chown更改所有者:

sudo chown myuser myfile.txt
  • 您拥有myfile.txt,但是您希望将其提供给系统上名为notme的另一个用户。您还希望将所有者组更改为该用户的组notmygroup

    使用chown更改所有者和组:
sudo chown notme:notmygroup myfile.txt
  • 您刚刚从另一台计算机上传输了整个文件目录otherfiles。所有文件和目录均由另一个系统上的用户名拥有,并且您希望当前用户和组拥有所有这些文件和目录。使用-R选项以递归方式

    更改目录及其所有内容的所有权:
sudo chown -R myuser:mygroup oterfiles

上面的命令将更改otherfile中每个文件,子目录和子目录内容的所有权

Linux中的群组

在Linux中,用户可以是多个组的成员,但只有一个“当前组”。用户的当前组是用户的group identityGID

用户创建新文件时,文件的所有权设置为用户的UID(用户身份)和GID(组身份)。因此,当用户carla开始编写新文档时,该文件由carla以及她当前的组拥有。她可以使用chown更改文件的组所有权,但是只有root可以使用chown将所有者更改为其他人。

此外,每个用户都有一个可配置的login group,该login group可以是任何用户组。因此,当carla登录时,她的登录组就是她当前的组。可以使用-g选项,通过usermod命令更改登录组。

sudo usermod -g newlogingroup卡拉

用户可以使用newgrp命令更改当前组。更改发生在子外壳中,并且一直持续到子外壳关闭。即使carlanewgrp更改了当前组,下次她登录时,该组也将重置为她的登录组。

您可以使用带-g选项的id命令来检查当前组:

id -g
1001

这是您的数字GID(当前组的编号)。要查看名称,请指定-n选项:

id -ng
hope

要查看所有组成员身份,请使用大写字母G

id -nG
hope sudo neil libvirtd vboxusers usergroup

默认情况下,每个Linux用户都有一个私有组,该用户是唯一成员。因此,当使用adduser命令创建用户帐户jeff也会创建一个名为jeff的组。组jeff是jeff的默认登录组,只有一个成员(jeff)。

其他操作系统中的组

其他操作系统使用chown,但其组的功能可能有所不同。

例如,在macOS X和BSD中,用户没有私有组。相反,所有常规用户都属于一个名为users的常规组。

在这些操作系统中,chown的选项和功能可能相似,但不同。如果您在非Linux操作系统上使用chown,请确保运行man chown以了解不同之处。

chown [-c|--changes] [-v|--verbose] [-f|--silent|--quiet] [--dereference]
      [-h|--no-dereference] [--preserve-root]
      [--from=currentowner:currentgroup] [--no-preserve-root]
      [-R|--recursive] [--preserve-root] [-H] [-L] [-P]
      {new-owner|--reference=ref-file} file ...
chown --help
chown --version

Specifying the new owner

New ownership of file is specified by the argument new-owner, which takes this general form:

[user[:group]]

Specifically, there are five ways to format new-owner:

new-owner form Description
user The name of the user to own the file. In this form, the colon (":") and the group is omitted. The owning group is not altered.
user:group The user and group to own the file, separated by a colon, with no spaces in between.
:group The group to own the file. In this form, user is omitted, and the group must be preceded by a colon.
user: If group is omitted, but a colon follows user, the owner is changed to user, and the owning group is changed to the login group of user.
: Specifying a colon with no user or group is accepted, but ownership will not be changed. This form does not cause an error, but changes nothing.

Notes on usage

  • user and group can be specified by name or by number.
  • Only root can change the owner of a file. The owner cannot transfer ownership, unless the owner is root, or uses sudo to run the command.
  • The owning group of a file can be changed by the file's owner, if the owner belongs to that group. The owning group of a file can be changed, by root, to any group. Members of the owning group other than the owner cannot change the file's owning group.
  • The owning group can also be changed by using the chgrp command. chgrp and chown use the same system call, and are functionally identical.
  • Certain miscellaneous file operations can be performed only by the owner or root. For instance, only owner or root can manually change a file's "atime" or "mtime" (access time or modification time) using the touch command.
  • Because of these restrictions, you will almost always want to run chown as root, or with sudo.

Options

Option Description
-c,
--changes
Similar to --verbose mode, but only displays information about files that are actually changed. For example:

changed ownership of 'dir/dir1/file1' from hope:neil to hope:hope
-v,
--verbose
Display verbose information for every file processed. For example:

changed ownership of 'dir/dir1/file1' from hope:neil to hope:hopeownership of 'dir/dir1' retained as hope:hope
-f,
--silent,
--quiet
Quiet mode. Do not display output.
--dereference Dereference all symbolic links. If file is a symlink, change the owner of the referenced file, not the symlink itself. This is the default behavior.
-h,
--no-dereference
Never dereference symbolic links. If file is a symlink, change the owner of the symlink rather than the referenced file.
--from=currentowner:currentgroup Change the owner or group of each file only if its current owner or group match currentowner and/or currentgroup. Either may be omitted, in which case a match is not required for the other attribute.
--no-preserve-root Do not treat / (the root directory) in any special way. This is the default behavior. If the --preserve-root option is previously specified in the command, this option will cancel it.
--reference=ref-file Use the owner and group of file ref-file, rather than specifying ownership with new-owner.
-R,
--recursive
Operate on files and directories recursively. Enter each matching directory, and operate on all its contents.

Options

The following options modify how a hierarchy is traversed when the -R or --recursive option is specified.

Option Description
--preserve-root Never operate recursively on the root directory /.

If --recursive is not specified, this option has no effect.
-H If a file specified on the command line is a symbolic link to a directory, traverse it and operate on those files and directories as well.
-L Traverse all symbolic links to a directories.
-P Do not traverse any symbolic links; operate on the symlinks themselves. This is the default behavior.

If more than one of -H-L, or -P is specified, only the final option takes effect.

Options

These options display information about the program, and cannot be used with other options or arguments.

Option Description
--help Display a brief help message and exit.
--version Display version information and exit.

Exit status

chown exits with a status of 0 for success. Any other number indicates failed operation.

Why change a file's ownership?

You should use chown when you want a file's user or group permissions to apply to a different user or group.

Hypothetical scenarios

Here are some examples of when you might use chown:

  • You create a file, myfile.txt, using sudo or while logged in as root, so the file is owned by root. However, you intend the file to be used by your regular user account, myuser.

    Use chown to change the owner:
sudo chown myuser myfile.txt
  • You own myfile.txt, but you want to give it to another user on the system named notme. You also want to change the owning group to that user's group, notmygroup.

    Use chown to change the owner and group:
sudo chown notme:notmygroup myfile.txt
  • You just transferred an entire directory of files, otherfiles, from another computer. All the files and directories are owned by your username on the other system, and you want your current user and group to own them all.

    Change the ownership of the directory and all its contents recursively, with the -R option:
sudo chown -R myuser:mygroup otherfiles

The above command will change the ownership of every file, subdirectory, and subdirectory contents in otherfiles.

Groups in Linux

In Linux, a user can be a member of multiple groups, but it has only one "current group". The user's current group is the user's group identity, or GID.

When the user creates a new file, the file's ownership is set to the user's UID (user identity) and GID (group identity). So when user carla starts writing a new document, the file is owned by carla, and also by her current group. She can change the file's group ownership with chown, but only root can use chown to change the owner to someone else.

Also, each user has a configurable login group, which can be any of the user groups. So when carla logs in, her login group is her current group. The login group can be changed with the usermod command, using the -g option.

sudo usermod -g newlogingroup carla

A user can change current group with the newgrp command. The change takes place in a subshell, and persists until the subshell is closed. Even if carla changes her current group with newgrp, it will be reset to her login group the next time she logs in.

You can check your current group using the id command with the -g option:

id -g
1001

This is your numeric GID (the number of your current group). To see the name, specify the -n option:

id -ng
hope

To view all of your group memberships, use a capital G:

id -nG
hope sudo neil libvirtd vboxusers usergroup

By default, every Linux user has a private group, with that user as the only member. So, when the user account jeff is created with the adduser command, a group named jeff is also created. Group jeff is jeff's default login group, and has only one member (jeff).

Groups in other operating systems

Other operating systems use chown, but their groups may function differently.

In macOS X and BSD, for example, users don't have private groups. Instead, all regular users belong to a general group called users.

In these operating systems, the options and functionality of chown may be similar, but different. If you're using chown on a non-Linux operating system, make sure to run man chown to learn what the differences are.

查看英文版

查看中文版

chown 例子

查看所有权

在使用chown之前,您可能需要检查文件的当前所有权。您可以使用-l选项,通过ls命令查看文件的所有权,权限和其他重要信息:

ls -l myscript.sh 
-rwxrw-r--hope hopeusers 12 Nov 5 13:14 myscript.sh

在输出中,您看到列出的几个信息字段,包括文件的权限和所有权。起初它可能没有意义,所以让我们对其进行详细描述。

以下是信息的含义:

Data Field position 描述
-- Field 1,character 文件类型d用于目录,l(小写L)用于符号链接,或-(破折号)用于常规文件。
rwx Field 1,character2 - 4 用户权限。所有者可以读取(“ r ”),写入(“ w ”)和执行(“ x ”)该文件。
rw Field 1,character5 - 7 组权限。所属组可以读写此文件,但不能作为命令执行。
r-- Field 1,character8 - 10 其他权限,也称为世界权限。系统上的任何其他用户都只能读取文件。
1 Field 2 指向该文件的符号链接数。如果没有符号链接到文件,则此数字为1,因为此计数中包括原始文件名。如果文件有一个符号链接,则该数字将为2,对于两个符号链接则为3,以此类推。
hope Field 3 所有者姓名。这是拥有文件的用户的名称。当该用户尝试访问文件时,将根据用户权限限制访问。
hopeusers Field 4 所属组的名称。这是拥有文件的用户组。当属于该组成员的用户尝试访问文件时,将根据组权限限制访问。
12 Field 5 大小。该文件包含12 个字节的数据。
Nov Field 6 Mtime(月)。上次修改文件内容的月份的缩写名称。该文件的最后修改时间为11月。
5 Field 7 Mtime(每月的某天)。该文件的最后修改时间为11月的第五天。
13:14 Field 8 Mtime(时间或年份)。该文件的最后修改时间为今年11月5日13:14(下午1:34)。如果在一年前进行了修改,则该字段将改为列出年份,例如2015
myscript.sh Field 9 文件名。文件名。

因此,这里的重要字段是1、3和4。它们告诉我们用户希望可以读取,写入或执行文件的内容,hope用户组的成员可以读取或写入文件。

改变所有权

sudo chown hope file.txt

file.txt的所有者更改为用户hope

sudo chown hope file1 file2 file3

file1file2file3的所有者更改为用户hope

sudo chown hope file*

在此,星号(“ * ”)是通配符,shell会将其扩展为名称以“ file ”开头的每个文件的列表。如果当前目录包含名为file1file2file3file4的四个文件,则所有这些文件的名称都传递给chown命令,并且它们的所有者更改为用户hope

sudo chown hope myfiles

将文件或目录myfiles的所有者更改为用户hope

sudo chown -R hope myfiles

myfiles的所有者更改为用户hope。如果myfiles是目录,chown将递归(-R)搜索该目录,并更改所有文件,子目录和子目录内容的所有者。

sudo chown hope:admins file1 file2

file1file2的所有者更改为用户hope,将所有者组更改为admin

sudo chown hope:file1

file1的所有者更改为用户hope,并将拥有组更改为hope的登录组。

chown:othergroup file2

所属组更改文件2至组othergroup。请注意,这是这些示例中的唯一命令,可以在不使用sudo的情况下运行。

如果用户hope运行前一个命令但不属于组othergroup,则该命令将失败,除非使用sudo运行。

sudo chown 1000:1001 file1

文件1的所有权更改为数字UID为1000的用户以及数字GID为1001的组。

sudo chown+1000:+1001 file1

与上一个命令相同。如果用户hope具有UID 1000,并且另一个用户名为“ 1000”但具有UID 1002,则此命令格式(带有“ + ”符号)可以明确地将所有者更改为hope

sudo chown -R hope:hope Documents

递归地将目录Documents及其中的所有文件和子目录的所有权更改为用户hope,组hope

sudo chown -Rc--reference/ home / hope / inbox〜/ Documents / work

递归地更改目录〜/ Documents / work以及目录中所有文件和子目录的所有权,以匹配文件或目录/ home / hope / inbox的所有权。

在上面的命令,(一个波浪号)是一个别名在bash中代表你的主目录。你的home目录也可以由代表环境变量 $ HOME,如$ HOME /Documents/work

另外,如果任何文件更改了所有权(-c选项),信息将被打印到标准输出中:

changed ownership of 'dir/file2' from neil:neil to hope:hope
changed ownership of 'dir/dir1/file1' from susie:susie to hope:hope
changed ownership of 'dir/dir1' from judy:judy to hope:hope
changed ownership of 'dir/dir2/file2' from jeff:jeff to hope:hope
changed ownership of 'dir/dir2' from carla:carla to hope:hope
changed ownership of 'dir/file1' from steve:steve to hope:hope
changed ownership of 'dir' from grace:grace to hope:hope

Viewing ownership

Before you use chown, you may want to check the current ownership of a file. You can view a file's ownership, permissions, and other important information with the ls command, using the -l option:

ls -l myscript.sh
-rwxrw-r-- 1 hope hopeusers 12 Nov  5 13:14 myscript.sh

In the output, you see several fields of information listed, including the permissions and ownership of the file. It might not make sense at first, so let's describe it in detail.

Here's what the information means:

Data Field position Description
- Field 1character 1 File typed for a directoryl (lowercase L) for a symbolic link, or - (a dash) for a regular file.
rwx Field 1, characters 2-4 User permissions. The owner can read ("r"), write to ("w"), and execute ("x") this file.
rw- Field 1, characters 5-7 Group permissions. The owning group can read and write to this file, but cannot execute it as a command.
r-- Field 1, characters 8-10 Other permissions, also known as world permissions. Any other user on the system is allowed to read the file only.
1 Field 2 Number of symbolic links to this file. If there are no symbolic links to the file, this number is 1, because the original file name is included in this count. If there were one symbolic link to the file, this number would be 2, or 3 for two symbolic links, etc.
hope Field 3 Name of owner. This is the name of the user who owns the file. When this user tries to access the file, access is restricted according to the user permissions.
hopeusers Field 4 Name of owning group. This is the user group who owns the file. When a user who is a member of this group tries to access the file, access is restricted according to the group permissions.
12 Field 5 Size. This file contains 12 bytes of data.
Nov Field 6 Mtime (month). Abbreviated name of the month when the file's contents were last modified. This file was last modified in the month of November.
5 Field 7 Mtime (day of month). This file was last modified on the fifth day of November.
13:14 Field 8 Mtime (time, or year). This file was last modified at 13:14 (1:34 P.M.) on November 5 of this year. If it was modified over a year ago, this field would list the year instead, for instance 2015.
myscript.sh Field 9 File name. The name of the file.

So the important fields here are 1, 3 and 4. They tell us that user hope can read, write, or execute the file's contents, and members of the group hopeusers can read or write to it.

Changing ownership

sudo chown hope file.txt

Change the owner of file.txt to user hope.

sudo chown hope file1 file2 file3

Change the owner of file1file2, and file3 to user hope.

sudo chown hope file*

Here, the asterisk ("*") is a wildcard which the shell expands to a list of every file whose name begins with "file". If the current directory contains four files named file1file2file3, and file4, all these files' names are passed to the chown command, and their owners changed to user hope.

sudo chown hope myfiles

Change the owner of file or directory myfiles to user hope.

sudo chown -R hope myfiles

Change the owner of myfiles to user hope. If myfiles is a directory, chown will recursively (-R) search that directory, and change the owner of all files, subdirectories, and subdirectory contents.

sudo chown hope:admins file1 file2

Change the owners of file1 and file2 to user hope, and the owning groups to admins.

sudo chown hope: file1

Change the owner of file1 to user hope, and the owning group to hope's login group.

chown :othergroup file2

Change the owning group of file2 to group othergroup. Notice that this is the only command in these examples which may be run without sudo.

If user hope runs the previous command but does not belong to group othergroup, the command will fail, unless it is run with sudo.

sudo chown 1000:1001 file1

Change the ownership of file1 to the user with numeric UID 1000, and the group with numeric GID 1001.

sudo chown +1000:+1001 file1

Same as the previous command. If user hope has UID 1000, and another user is named "1000" but has UID 1002, this command form (with the "+" signs) unambiguously changes the owner to hope.

sudo chown -R hope:hope Documents

Recursively change the ownership of directory Documents, and all files and subdirectories therein, to user hope, group hope.

sudo chown -Rc --reference /home/hope/inbox ~/Documents/work

Recursively change the ownership of the directory ~/Documents/work, and all files and subdirectories therein, to match the ownership of the file or directory /home/hope/inbox.

In the above command, ~ (a tilde) is an alias in bash which represents your home directory. Your home directory can also be represented by the environment variable $HOME, as in $HOME/Documents/work.

Also, if any files change ownership (-c option), information will be printed to standard output:

changed ownership of 'dir/file2' from neil:neil to hope:hope
changed ownership of 'dir/dir1/file1' from susie:susie to hope:hope
changed ownership of 'dir/dir1' from judy:judy to hope:hope
changed ownership of 'dir/dir2/file2' from jeff:jeff to hope:hope
changed ownership of 'dir/dir2' from carla:carla to hope:hope
changed ownership of 'dir/file1' from steve:steve to hope:hope
changed ownership of 'dir' from grace:grace to hope:hope

查看英文版

查看中文版

发表评论
评论列表
共0条
点击加载更多