Setting Up a Workgroup Directory
The steps you may use to create a useful workgroup directory for a small team of people are briefly described here. The goals of the directory are as follows:
The workgroup is to be called sales and has members jdoe, bsmith, and jbrown.
The directory is /home/sales.
Only the creators of files in /home/sales should be able to delete them.
Members shouldn’t worry about file ownership, and all group members require full access to files.
Nonmembers should have no access to any of the files.
The following steps will satisfy the goals:
Create the new group:
Add the existing users to the group:
usermod –a -G sales jdoe#
usermod –a -G sales bsmith#
usermod –a -G sales jbrown
Create a directory for the group:
Set the ownership of the new directory:
chgrp sales /home/sales
Protect the directory from others:
chmod 770 /home/sales
Set the SGID bit to ensure that the sales group will own all new files. Also set the sticky bit to protect files from deletion by nonowners:
chmod g+s,o+t /home/sales
su - jdoe$
ls -l afile-rw-rw-r-- 1 jdoe sales 0 Jan 3 02:44 afile $
su - bsmith#
rm afilerm: cannot unlink 'afile': Operation not permitted
After the ls command, we see that the group ownership is correctly set to sales. After the rm command, we see that bsmith cannot delete afile, which was created by jdoe. We also note that although afile has mode 664, the directory containing ...