When you encounter the error -bash: cd: www: Permission denied while trying to navigate into /var/www, it's clearly a permissions issue. Let's break down what's happening based on the ls -l output:
drwxrwxr-- 13 root root 4096 2011-02-26 21:53 www
The directory permissions drwxrwxr-- can be interpreted as:
d: Directoryrwx: Owner (root) has read/write/executerwx: Group (root) has read/write/executer--: Others have only read permission
The cd command requires execute (x) permission on a directory. While your user (david) can see the directory contents (r--), the missing execute permission prevents navigation.
Here are the correct ways to resolve this:
1. Change Directory Permissions
sudo chmod o+x /var/www
This adds execute permission for "others". For more security, you might want to:
sudo chmod 755 /var/www
2. Add Your User to the Proper Group
A better approach is to add your user to the web server group (often www-data):
sudo usermod -aG www-data david
Then change group ownership and permissions:
sudo chown -R root:www-data /var/www
sudo chmod -R 775 /var/www
3. Using Sudo Properly
The attempt sudo cd www fails because cd is a shell built-in, not an executable. Instead, use:
sudo -i
cd /var/www
Or more simply:
sudo su
cd /var/www
After making changes, verify with:
ls -ld /var/www
You should see execute permission for your access method (either through group membership or other permissions).
While chmod 777 would "solve" the problem, it's dangerous. Instead:
- Prefer group-based access control
- Maintain proper ownership (root:www-data is common for web directories)
- Consider using ACLs for complex permission scenarios
For more granular control, consider ACLs:
sudo setfacl -Rm u:david:rwx /var/www
sudo setfacl -Rm d:u:david:rwx /var/www
This gives david persistent rwx permissions while maintaining stricter defaults for others.
When working with Linux systems, directory permissions are crucial for system security and proper functionality. In your case, the /var/www directory has the following permissions:
drwxrwxr-- 13 root root 4096 2011-02-26 21:53 www
Let's break down what this means:
d: Indicates this is a directoryrwx: Owner (root) has read, write, and execute permissionsrwx: Group (root) has read, write, and execute permissionsr--: Others have only read permission
The cd command requires execute permission on a directory. While your user can read the directory contents (r--), it cannot traverse into it because the execute bit isn't set for "others".
Here are several approaches to resolve this issue:
# Solution 1: Change directory permissions (recommended for development)
sudo chmod o+x /var/www
# Solution 2: Add your user to the www-data group (common for web servers)
sudo usermod -a -G www-data yourusername
# Solution 3: Change directory ownership (use with caution)
sudo chown yourusername:yourusername /var/www -R
You might wonder why sudo cd doesn't work. This is because cd is a shell built-in command, not an external program. When you run:
sudo cd www
The shell tries to find cd in the system PATH before executing built-ins, hence the "command not found" error.
For temporary access without changing permissions:
# Method 1: Use sudo with -i to start a root shell
sudo -i
cd /var/www
# Method 2: Use sudo with bash -c
sudo bash -c "cd /var/www && ls -l"
# Method 3: Create a symbolic link (if you have home directory access)
ln -s /var/www ~/www
For production systems, consider these security recommendations:
# Set secure permissions (user:group as www-data:www-data)
sudo chown -R www-data:www-data /var/www
sudo chmod -R 750 /var/www
# For development environments with multiple users
sudo chown -R :developers /var/www
sudo chmod -R 775 /var/www
sudo setfacl -R -m g:developers:rwx /var/www
If permissions still don't work as expected:
- Check for SELinux/AppArmor restrictions:
ls -Z /var/www - Verify parent directory permissions:
namei -l /var/www - Look for ACLs:
getfacl /var/www
Remember that changing system directory permissions can have security implications. Always consider the specific requirements of your environment before implementing these changes.