Create and configure set-GID directories for collaboration

For this exercise, create the following script (or run the same commands manually):

#!/bin/bash

# Create users with passwords
# (passwd --stdin is specific to RHEL-family systems; "123456" is an exercise-only password)
for i in rachel ross monica chandler phoebe joey; do
  useradd "$i"
done

for i in rachel ross monica chandler phoebe joey; do
  echo "123456" | passwd --stdin "$i"
done

# Create groups
groupadd friends_girls
groupadd friends_guys

# Assign users to the created groups
for i in chandler ross joey; do
  usermod -aG friends_guys "$i"
done
for i in monica rachel phoebe; do
  usermod -aG friends_girls "$i"
done

# Create directories
mkdir -p /serie/{friends_girls,friends_guys}

and run:

 [root@cliente1 compartido]# sh script_users_groups 
 Changing password for user rachel.
 passwd: all authentication tokens updated successfully.
 Changing password for user ross.
 passwd: all authentication tokens updated successfully.
 Changing password for user monica.
 passwd: all authentication tokens updated successfully.
 Changing password for user chandler.
 passwd: all authentication tokens updated successfully.
 Changing password for user phoebe.
 passwd: all authentication tokens updated successfully.
 Changing password for user joey.
 passwd: all authentication tokens updated successfully.

Change the group of these directories:

[root@cliente1 ~]# cd /serie/
[root@cliente1 serie]# ll
 drwxr-xr-x. 2 root root 6 May 16 21:41 friends_girls
 drwxr-xr-x. 2 root root 6 May 16 21:41 friends_guys
        
 [root@cliente1 serie]# chgrp friends_girls friends_girls/
 [root@cliente1 serie]# chgrp friends_guys friends_guys/
 [root@cliente1 serie]# ll

 drwxr-xr-x. 2 root friends_girls 6 May 16 21:41 friends_girls
 drwxr-xr-x. 2 root friends_guys  6 May 16 21:41 friends_guys

Change the permissions of these directories:

[root@cliente1 serie]# chmod 770 friends_girls/
[root@cliente1 serie]# chmod 770 friends_guys/
 [root@cliente1 serie]# ll
 total 0
 drwxrwx---. 2 root friends_girls 6 May 16 21:41 friends_girls
 drwxrwx---. 2 root friends_guys  6 May 16 21:41 friends_guys

Add the set-GID special permission so that the members of the group can collaborate (read and write) in the directory:

[root@cliente1 serie]# chmod 2770 friends_girls/   # numeric form, or
[root@cliente1 serie]# chmod g+s friends_guys/     # symbolic form; both set the set-GID bit
 [root@cliente1 serie]# ll
 total 0
 drwxrws---. 2 root friends_girls 6 May 16 21:41 friends_girls
 drwxrws---. 2 root friends_guys  6 May 16 21:41 friends_guys

With set-GID on a directory, every file and subdirectory created inside it is assigned the directory's group, and new subdirectories also inherit the set-GID bit. For example:

[root@cliente1 serie]#  cd friends_girls/
 [root@cliente1 friends_girls]# ll
 total 0
 [root@cliente1 friends_girls]# touch archivo1
 [root@cliente1 friends_girls]# mkdir folder1
 [root@cliente1 friends_girls]# ll
 total 0
 -rw-r--r--. 1 root friends_girls 0 May 20 22:23 archivo1
 drwxr-sr-x. 2 root friends_girls 6 May 20 22:23 folder1

Sticky bit

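To stop users from deleting each other's files, so that each user can remove only their own, set the sticky bit (+t) on the shared directories. Because others have no execute permission here, ls shows it as an uppercase T.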

And check that everything works:

[root@cliente1 serie]# su monica
 [monica@cliente1 serie]$ ll
 total 0
 drwxrws--T. 2 root friends_girls 6 May 20 22:46 friends_girls
 drwxrws--T. 2 root friends_guys  6 May 16 21:41 friends_guys
 [monica@cliente1 serie]$ cd friends_girls/
 [monica@cliente1 friends_girls]$ ll
 total 0
 [monica@cliente1 friends_girls]$ touch 123
 [monica@cliente1 friends_girls]$ ll
 total 0
 -rw-rw-r--. 1 monica friends_girls 0 May 20 22:53 123
 [monica@cliente1 friends_girls]$ echo "hola a todos" > 123 
 [monica@cliente1 friends_girls]$ cat 123
 hola a todos

---------

$ su rachel
 Password: 
 [rachel@cliente1 /]$ cd serie/
 [rachel@cliente1 serie]$ ll
 total 0
 drwxrws--T. 2 root friends_girls 17 May 20 22:53 friends_girls
 drwxrws--T. 2 root friends_guys   6 May 16 21:41 friends_guys

 [rachel@cliente1 serie]$ cd friends_girls/
 [rachel@cliente1 friends_girls]$ ll
 total 4
 -rw-rw-r--. 1 monica friends_girls 13 May 20 22:53 123
 
[rachel@cliente1 friends_girls]$ cat 123 
 hola a todos
 [rachel@cliente1 friends_girls]$ echo "yo estoy bien , Rachel" >> 123 
 [rachel@cliente1 friends_girls]$ cat 123 
 hola a todos
 yo estoy bien , Rachel
 
[rachel@cliente1 friends_girls]$ rm -rvf 123 
 rm: cannot remove ‘123’: Operation not permitted

Now the directories friends_girls and friends_guys are ready to be used as shared directories.
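
To confirm that end state later (for example after a restore or a stray recursive chmod), each directory can be compared against the group and the drwxrws--T mode shown in the listings above. This is an added example, not part of the original post; the function name check_shared_dir is hypothetical and it assumes GNU stat, as shipped on RHEL/CentOS.

```shell
#!/bin/sh
# Added example: audit a shared directory against the end state built above.
# Assumes GNU coreutils stat (RHEL/CentOS); check_shared_dir is a hypothetical name.

# check_shared_dir DIR GROUP
# Returns 0 only if DIR belongs to GROUP and its mode string is "drwxrws--T".
check_shared_dir() {
    dir=$1; want_group=$2; rc=0
    [ -d "$dir" ] || { echo "FAIL $dir: not a directory"; return 2; }

    perms=$(stat -c '%A' "$dir")    # e.g. drwxrws--T
    group=$(stat -c '%G' "$dir")
    [ "$group" = "$want_group" ] ||
        { echo "FAIL $dir: group is $group, expected $want_group"; rc=1; }

    # Characters 5-7 are the group triad, 8-10 the "other" triad.
    g=$(printf '%s' "$perms" | cut -c5-7)
    o=$(printf '%s' "$perms" | cut -c8-10)

    case $g in
        rws) ;;    # rwx plus set-GID
        rwx) echo "FAIL $dir: set-GID missing, new files keep the creator's group"; rc=1 ;;
        *)   echo "FAIL $dir: group bits '$g', expected 'rws'"; rc=1 ;;
    esac
    case $o in
        --T) ;;    # sticky bit, no access for others
        ---) echo "FAIL $dir: sticky bit missing, members can delete each other's files"; rc=1 ;;
        *)   echo "FAIL $dir: other bits '$o', expected '--T'"; rc=1 ;;
    esac

    [ "$rc" -eq 0 ] && echo "OK   $dir: $perms group=$group"
    return "$rc"
}

# Audit every DIR:GROUP pair given on the command line, for example
#   /serie/friends_girls:friends_girls /serie/friends_guys:friends_guys
for pair in "$@"; do
    check_shared_dir "${pair%%:*}" "${pair##*:}"
done
```

The mode string is matched exactly, so a directory that has drifted to world-readable (for example drwxrwsr-t) is reported as well.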
