SIMULATION -
According the following requirements to create a local directory /common/admin.
This directory has admin group.
This directory has read, write and execute permissions for all admin group members.
Other groups and users don't have any permissions.
All the documents or directories created in the/common/admin are automatically inherit the admin group.
To meet the requirements for creating a directory /common/admin with the specified permissions and behavior, follow these steps: 1. Create the directory and any necessary parent directories using: mkdir -p /common/admin 2. Change the group of the directory to admin: chgrp admin /common/admin 3. Set the permissions to allow read, write, and execute for the group, and no permissions for others: chmod 2770 /common/admin Explanation: - mkdir -p /common/admin: This command ensures the /common/admin directory is created along with any necessary parent directories. - chgrp admin /common/admin: This command changes the group ownership of the directory to 'admin'. - chmod 2770 /common/admin: This sets the permissions so that the admin group has read, write, and execute permissions, while others have no permissions. The leading '2' ensures that new files and subdirectories inherit the group ownership.
Full solution: mkdir -p /common/admin groupadd admin chown :admin -R /common chmod 775 -R /common chmod g+s -R /common touch testfile (to verify the latter requirement)
you forget that 'Other groups and users don't have permission". instead of chmod 775 /common, the correct command is chmod 770 /common.
-R is not required. SGID will apply future group owner
#Create Directory mkdir -p /common/admin -p, --parents no error if existing, make parent directories as needed #Create Group groupadd admin #change group for /common/admin chown root:admin /common/admin or chgrp admin /common/admin #give group full permission and other no permissions chmod 770 /common/admin
#finally setGUID chmod 2770/common/admin
groupadd admin mkdir -p /common/admin chgrp -R admin /common/admin setfacl -R -m u::---,g::---,g:admin:rwX /common/admin chmod -R g+s /common/admin
when you already used rwX when why do you need g+s in the next command? Didn't rwX already set the sticky bit for group above?
i think capital X was and error which would make sense why g+s was used
mkdir -p /common/admin groupadd admin chown :admin /common/admins chmod 770 /common/admins chmod g+s /common/admins
770 mean that the Other groups and users don't have permission ?
####* prepare, if not present mkdir -p /common/admin groupadd admin ####* owner group chown .admin /common/admin/ ####* remove not needed permissions chmod o-rwx /common/admin/ chmod u-rwx /common/admin/ ####* add group permissions and sticky bit chmod g+rwxs /common/admin/
groupadd admin mkdir -p /common/admin chgrp -R admin /common/admin setfacl -R -m u::---,g::---,g:admin:rwx /common/admin ---this makes sure other groups has no access setfacl -R -dm o::- /common/admin ---this makes sure others do not have access to folders chmod -R g+s /common/admin ---turn sticky bit on for the group
groupadd admin mkdir -p /common/admin chgrp -R admin /common/admin setfacl -R -m u::---,g::---,g:admin:rwx /common/admin ---this makes sure other groups has no access setfacl -R -dm o::- /common/admin ---this makes sure others do not have access to folders chmod -R g+s /common/admin ---turn sticky bit on for the group
I THINK IN THIS QUESTION APPLY FOR ACL FOR ADMIN GROUP # setfacl -m g:admin:rwx /common/admin change permission for other group and other user #chmod 700 /common/admin apply guid #chmod g+s /common/admin please reply