System Administration Guide: Security Services

ProcedureHow to Change the Owner of a File

The file owner, the Primary Administrator role, or superuser can change any file's ownership.

  1. Display the permissions on a file.

    % ls -l example-file
    -rw-r--r--   1 janedoe   staff   112640 May 24 10:49 example-file
  2. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  3. Change the owner of the file.

    # chown stacey example-file
  4. Verify that the owner of the file has changed.

    # ls -l example-file
    -rw-r--r--   1 stacey   staff   112640 May 26 08:50 example-file 

Example 6–2 Enabling Users to Change the Ownership of Files That Others Own

Security Consideration – You should have good reason to override system security policy by changing the setting of the rstchown variable to zero. Any user who accesses the system can change the ownership of any file on the system.

In this example, the value of the rstchown variable is set to zero in the /etc/system file. This setting enables the owner of a file to use the chown command to change the file's ownership to another user. This setting also enables the owner to use the chgrp command to set the group ownership of a file to a group that the owner does not belong to. The change goes into effect when the system is rebooted.

set rstchown = 0

For more information, see the chown(1) and chgrp(1) man pages.

Also, be aware that NFS-mounted file systems have further restrictions on changing ownership and groups. For more information on restricting access to NFS-mounted systems, see Chapter 6, Accessing Network File Systems (Reference), in System Administration Guide: Network Services.