Working with Linux Directory Permissions

30 minutes
  • 5 Learning Objectives

About this Hands-on Lab

In this lab, we’ll be working with directory permissions on a Linux host. We’ll start by creating some groups and directories, and then set up permissions to only allow each group to access its own directory.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create user groups.
  1. There are four groups to be created:

    • accounting
    • engineering
    • management
    • hr
  2. Use the sudo groupadd -g #### [groupname] command:

    • sudo groupadd -g 1111 accounting
    • sudo groupadd -g 2222 engineering
    • sudo groupadd -g 3333 management
    • sudo groupadd -g 4444 hr
Create directories.
  1. There are four directories to be created:
    • accounting
    • engineering
    • management
    • hr
  2. Create each group using the sudo mkdir /directoryname command:
    • sudo mkdir /accounting
    • sudo mkdir /engineering
    • sudo mkdir /management
    • sudo mkdir /hr
Add each of the newly created directories to its associated group.
  1. Use the command sudo chgrp groupname /directoryname to add each of the newly created directories to its associated group:
    • sudo chgrp accounting /accounting
    • sudo chgrp engineering /engineering
    • sudo chgrp management /management
    • sudo chgrp hr /hr
Set group permissions on each of the newly created directories.
  1. For each of the newly created directories, use the command sudo chmod g+rwx /directoryname to give the group owner read, write, and execute permissions to the directory:
    • sudo chmod g+rwx /accounting
    • sudo chmod g+rwx /engineering
    • sudo chmod g+rwx /management
    • sudo chmod g+rwx /hr
Prevent non-group members from accessing files.
  1. In order to prevent other non-group members from reading and executing files in each of the newly created directories, use sudo chmod o-rx /directoryname command:
    • sudo chmod o-rx /accounting
    • sudo chmod o-rx /engineering
    • sudo chmod o-rx /management
    • sudo chmod o-rx /hr

Additional Resources

You've been assigned a new project that consists of setting up file shares for a new file server. You'll need to create some user groups, which user accounts will later be added to based on roles:

  • accounting (Group ID 1111)
  • engineering (Group ID 2222)
  • management (Group ID 3333)
  • hr (Group ID 4444)

Then, you'll need to create a single directory at the root of the file system for each of the newly created groups — using the same name as each group — and assign read, write, and execute permissions to each of the directories for its associated group. For example, the accounting group would received read, write, and execute permissions for the accounting directory.

Lastly, you'll need to ensure only each group has access to its own directory. For example, accounting should only be able to access the accounting directory — not the engineering, management, or hr directories.

Connecting to the Lab

Log in via SSH using the provided IP address, username, and password. Now, use the "Guide" located above the video to view the scenario and tasks to be completed.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!