chown — Change the owner (and optionally the group) of a file or directory across all 5 shells
Equivalents in every shell
chown user filechown user filechown user file$a = Get-Acl file; $a.SetOwner([System.Security.Principal.NTAccount]"user"); Set-Acl file $aChanging owner on Windows needs `SeTakeOwnershipPrivilege` (Administrator). `takeown /F file` is the quick `sudo chown $(whoami) file` equivalent.
takeown /f fileTakes ownership for the current admin user. To set ownership to a specific account, use `icacls file /setowner <user>` (also admin-only).
Worked examples
Change owner to user `alice`
sudo chown alice file.txt$a = Get-Acl file.txt; $a.SetOwner([System.Security.Principal.NTAccount]"alice"); Set-Acl file.txt $aicacls file.txt /setowner aliceChange owner and group together
sudo chown alice:devs file.txtsudo chown alice:devs file.txtRecursively change owner of a directory
sudo chown -R alice /var/log/appGet-ChildItem -Recurse C:\logs\app | ForEach-Object { $a = Get-Acl $_.FullName; $a.SetOwner([System.Security.Principal.NTAccount]"alice"); Set-Acl $_.FullName $a }icacls C:\logs\app /setowner alice /TGotchas
- On Unix only `root` (via `sudo`) can change ownership to another user; the file owner can only `chown` to themselves or to a group they belong to.
- On Windows, only Administrators or holders of `SeRestorePrivilege` can change ownership — and the change does NOT preserve the previous owner’s ACL entries.
- `chown user:` (trailing colon, no group) sets the group to the user’s login group on GNU `chown`; BSD `chown` (macOS pre-Sonoma) errors out.
- `takeown /F` always sets ownership to the *current* admin account; to give ownership to someone else use `icacls /setowner <user>`.
WSL & PowerShell Core notes
Common tasks using chown
- Change file permissions
Modify read/write/execute permissions on a file or directory.
- Change the group ownership of a file or directory
Reassign a file's group — for granting team-wide read/write via group permissions, for matching a service account's primary group, or for fixing post-clone permissions where the working tree is owned by the wrong group.
- Change the owner of a file or directory
Reassign a file or directory to a different user (and optionally group) — for fixing permission errors after copying files between users, after extracting tarballs as root, or when handing data over to a service account.
- Find files by permission bits
Search a directory tree for files matching specific permission bits — world-writable files for a security audit, SUID/SGID binaries for a post-CVE sweep, or files with exactly `0644` to verify a deployment.
- Make a script executable
Give a script the right permissions and shebang so you can run it directly (`./script.sh`) instead of through an interpreter (`bash script.sh`).
- Set permissions recursively on a directory tree
Apply a single permission change to a directory and every file underneath — for locking down a freshly-extracted tarball, undoing world-writable mistakes, or normalizing permissions on a copied directory.
- View ACLs and extended file permissions
Inspect the full access-control list of a file — beyond the POSIX nine-bit `rwxrwxrwx` mode — to see per-user / per-group grants, the ACL mask, default (inherited) ACLs, and the audit (SACL) entries that `ls -l` will not show.