chown: Usage, Options & Common CI Errors
chown sets which user and group own a file.
chown matters most in containers and volume mounts, where files written by root end up owned by a UID the runner user cannot touch. It needs privilege, so it fails politely when run unprivileged.
What it does
chown changes the owning user and/or group of files and directories. Changing the owner requires root (CAP_CHOWN); a normal user can only change group to one they belong to.
Common usage
chown user file.txt
chown user:group file.txt
chown -R node:node /app # recursive, common in Dockerfiles
chown :staff file.txt # change group only
chown --reference=template.txt target.txtOptions
| Item | What it does |
|---|---|
| user:group | Set owner and group |
| :group | Set group only |
| -R | Recurse into directories |
| -h | Affect symlinks themselves, not targets |
| --reference=FILE | Copy ownership from another file |
Common errors in CI
"chown: changing ownership of "X": Operation not permitted" - you are not root; either run with sudo or do the chown in a Docker build stage as root before USER drops privileges. "chown: invalid user: "node:node"" means that user/group does not exist in the image yet (create it, or use a numeric UID:GID). Mounted-volume permission clashes are usually solved by matching the container UID to the host user (--user $(id -u):$(id -g)).