Exercise 11-3: Managing Default and Special Permissions

Exercise 11-3: Managing Default and Special Permissions

In this exercise, you will practice modifying default permissions with umask and creating files.

You will also practice adding special permissions to directories. You can perform this exercise using the virtual machine that comes with this book. Run snapshot 11-3 for the correctly configured environment.

Complete the following:

1.     Verify that you are logged in to your system.

2.     If necessary, switch to your root user account with the su – command and a password of student.

3.     Change to the /RandD directory by entering cd /RandD at the shell prompt.

4.     You need to create several Research and Development documents in the RandD directory. However, you need to make sure these documents are secure from prying eyes. Recall from the previous exercise that Others is automatically granted read access to files when you create them. You don’t want this to happen. You need Others to have no access at all to any documents created. Do the following:

a.     Change the default permissions by entering umask 027at the shell prompt.

b.     Verify the value of umask by entering umask at the shell prompt. It should display 0027.

c.      Create a new file named schedule.odt by entering touch schedule.odt at the shell prompt.

d.     Enter ls –l at the shell prompt. Verify that Owner has rw–, Group has r--, and Others has – – – permissions

5.     In a previous exercise, we granted Owner and Group rwx permissions to the RandD directory. However, having the write permission to the directory allows anyone in the research group to delete any file in the directory. We want to configure the directory so that users in the research group can only delete files they actually own. Do the following:

a.     At the shell prompt, enter cd /.

b.     At the shell prompt, add the Sticky Bit permission to the RandD directory by entering chmod 1770 RandD.

c.      At the shell prompt, enter ls –l. Notice that a T has been added to the last digit of the Others portion of the mode of the RandD directory. This indicates that the sticky bit has been set:

openSUSE:/ # ls –l

total 105

drwxrwx—T 2 tux  research  4096 Mar 18 11:25 RandD

...

6.     Experiment with the new permissions you just added by logging in as different users in the system and testing what the permissions will and won’t allow you to do.

7.     In Exercise 9-1, we created a user named dtracy. However, because we didn’t use the –m option when we created him, he doesn’t have a home directory. Using what you’ve learned, do the following:

a. Create the appropriate home directory for dtracy in /home.

b. Look at the other home directories and determine the ownership and permissions that should be assigned.

c. Use command-line utilities to set the ownership and permissions for dtracy’s home directory.

d. Run pwck when you’re done to verify that the account is configured correctly.