Setting Up a Workgroup Directory
The steps you may use to create a useful workgroup directory for a small team of people are briefly described here. The goals of the directory are as follows:
The workgroup is to be called
sales
and has membersjdoe
,bsmith
, andjbrown
.The directory is /home/sales.
Only the creators of files in /home/sales should be able to delete them.
Members shouldn't worry about file ownership, and all group members require full access to files.
Nonmembers should have no access to any of the files.
The following steps will satisfy the goals:
Create the new group:
#
groupadd sales
Add the existing users to the group:
#
usermod -G sales jdoe
#usermod -G sales bsmith
#usermod -G sales jbrown
Create a directory for the group:
#
mkdir /home/sales
Set the ownership of the new directory:
#
chgrp sales /home/sales
Protect the directory from others:
#
chmod 770 /home/sales
Set the SGID bit to ensure that the
sales
group will own all new files. Also set the sticky bit to protect files from deletion by non-owners:#
chmod g+s,o+t /home/sales
Test it:
#
su - jdoe
$cd /home/sales
$touch afile
$ls -l afile
-rw-rw-r-- 1 jdoe sales 0 Jan 3 02:44 afile $exit
#su - bsmith
#cd /home/sales
#rm afile
rm: cannot unlink 'afile': Operation not permitted
After the ls command, we see that the group ownership is correctly set to sales
. After the rm command, we see that bsmith
cannot delete afile, which was created by jdoe
. We also note that although afile has mode 664, the directory containing ...
Get LPI Linux Certification in a Nutshell, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.