Filesystem permissions

Task 1:

Configure the permissions of /var/tmp/fstab

Copy the file /etc/fstab to /var/tmp/fstab. Configure the permissions of /var/tmp/fstab so that:

The file /var/tmp/fstab is owned by the root user.

The file /var/tmp/fstab belongs to the group root.

The file /var/tmp/fstab should not be executable by anyone.

The user natasha is able to read and write /var/tmp/fstab.

All other users (current or future) have the ability to read /var/tmp/fstab.

Solution:

cp /etc/fstab /var/tmp
getfacl /var/tmp/fstab
chmod ugo-x /var/tmp/fstab # the file is not executable by user group and others
useradd natasha # create user natasha
passwd -stdin natasha #set password for user natasha
setfacl -m u:natasha:rw- /var/tmp/fstab
useradd hary
passwd -stdin harry
setfacl -m u:harry:--- /var/tmp/fstab
setfacl -m o::r-- /var/tmp/fstab

Task 2:

Copy /etc/fstabdocument to /var/TMPdirectory. According the following requirements to configure the permission of this documnent. The owner of this document must be root. This document belongs to root group. User mary have read and write permissions for this document. User alice have read and execute permissions for this document. Create user named bob, set uid 1000. Bob have read and write permissions for this document. All users has read permission for this document in the system

Solution:

cp /etc/fstab /var/tmp
chgrp root:root /var/tmp/fstab
chown root:root /var/tmp/fstab
getfacl /var/tmp/fstab
ls -ld /var/tmp/fstab
useradd mary
passwd --stdin mary
setfacl -m u:mary:rw- /var/tmp/fstab
getfacl /var/tmp/fstab
useradd alice
passwd --stdin alice
setfacl -m u:alice:r-x /var/tmp/fstab
getfacl /var/tmp/fstab
useradd -u 1000 bob
passwd --stdin bob
setfacl -m u:bob:rw- /var/tmp/fstab
chmod a+r /var/tmp/fstab
getfacl /var/tmp/fstab

Task 3:

Make on /archive directory that only the user owner and group owner member can fully access.

Solution:

mkdir -p /archive
chmod 770 /archive
ls -ld archive

Task 4:

Copy the file /etc/fstabto /var/tmp. Configure the following permissions on /var/tmp/fstab

  • The file /var/tmp/fstabis owned by root user.

  • The file /var/tmp/fstabis belongs to the root group

  • The file /var/tmp/fstab should be executable by anyone.

  • The user harry is able to read and write on /var/tmp/fstab

  • The user natasha can neither read nor write on /var/tmp/fstab

  • All other users (current or future) have the ability to read /var/tmp/fstab

Solution:

cp /etc/fstab /var/tmp
chown root:root /var/tmp/fstab
setfacl -m u:harry:rw- /var/tmp/fstab
setfacl -m u:natasha:--- /var/tmp/fstab
setfacl -m o::r /var/tmp/fstab
chmod a+x /var/tmp/fstab
getfacl /var/tmp/fstab

Task 5:

Create a catalog under /home named admins. Its respective group is requested to be the admin group. The group users could read and write, while other users are not allowed to access it. The files created by users from the same group should also be admin group.

Solution:

mkdir -p /home/admins
chown :admin /home/admins
chmod 770 /home/admins/
chmod g+s /home/admins

Task 6:

Make on data that only user owner and group owner member can fully access.

Solution:

mkdir -p /data
chown username:groupname /data
chmod 770 /data
ls -ld /data

Task 7:

Create a collaborative directory /home/admins with the following charasteristics:

  • Group ownership of /home/adminsis adminuser

  • The directory should be readable, writeable, and accessible to members of adminuser, but not to any other user.

  • (It is understood that root has access to all files and directories on the system)

  • Files created in /home/admins automatically have group ownership set to the adminuser group.

Solution:

mkdir -p /home/admins
groupadd adminuser
chown :adminuser /home/admins
chmod 2770 /home/admins
ls -ld /home/admins

Task 8:

According to the following requirements to create a local directory /common/admin

  • This directory has admin group

  • This directory has read,write, and execute permissions for all admin group members.

  • Other groups and users don't have any permissions

  • All the documents or directories created in the /common/adminare automatically inherit the admin group.

Solution:

mkdir -p /common/admin
chgrp admin /common/admin
chmod 2770 /common/admin
ls -ld /common/admin

Task 9:

Create a shared directory /home/admins, make it has the following charasteristics:

  • /home/admins belongs to adminuser

  • this directory can be read and written by members of group adminuser.

  • Any files created in /home/admins, group automatically set as adminuser

Solution:

mkdir /home/admins
groupadd adminuser
chgrp adminuser /home/admins
chmod 2770 /home/admins

Task 10:

Copy /etc/fstabto /var/tmpgroup name admin, the user1could read, write and modify it, while user2without any permission.

Solution:

cp /etc/fstab /var/tmp
groupadd admin
chgrp admin /var/tmp/fstab
getfacl /var/tmp/fstab
ls -ld /var/tmp/fstab
adduser user1
adduser user2
setfacl -m u:user1:rwx /var/tmp/fstab
setfacl -m u:user2:--- /var/tmp/fstab
getfacl /var/tmp/fstab

Task 11:

Create a collaborative directory /mnt/shareswith the following characteristics:

  • Group ownership of /mnt/sharesshould be sharegrp.

  • The direcory should be readable, writeable and accessible to member of sharegrpbut not to any other user. (It is understood that root has access to all files and directories on the system)

  • Files created in /mnt/sharesautomatically have group ownership set to the sharegrpgroup.

Solution:

groupadd sharegrp
mkdir -p /mnt/shares
chgrp sharegrp /mnt/shares
chmod 2770 /mnt/shares

# or
chmod 770 /mnt/shares
chmod g+s /mnt/shares

PreviousLogical volumesNextYum software package manager

Last updated

Was this helpful?