linux:groups-how-to [2019/01/21 11:07] (current), seanburns created

# Create Groups and Share Directories
## Date: Tue Sep 11 14:10:55 EDT 2018
## Updated: Mon Sep 24 15:26:25 EDT 2018

**Demo Notes:** The "user" and the *group* in the commands below should
indicate a real user and a real group on the machine.

## Creating a new user and a new group

First, let's create a new user on the system:

    $ sudo useradd -m captkirk

And then create a password for the new user:

    $ sudo passwd captkirk

Now let's create a new group on our system:

    $ sudo groupadd warp_project1

Let's add myself and user 'captkirk' to the new group:

    $ sudo usermod -aG warp_project1 sean

And:

    $ sudo usermod -aG warp_project1 captkirk

Log out and log back in for the new membership in the group
to take effect. To check that you're in the new group,
simply run the *groups* command:

    $ groups

## Creating a shared directory, based on group membership

Here I'll demonstrate how to create a shared directory using the *setgid* bit
when controlling file permissions.

First, let me make a directory for sharing. I'll make one at the root
directory:

    $ cd / ; sudo mkdir shared ; ls -ld shared/

Now I'll change the ownership of the directory:

    $ sudo chown user:group shared/

I next need to change the directory's permissions using *chmod*. Note that in
previous *chmod* commands, I only used three numbers (e.g., 775). But here I'm
adding a new number. The new number, located in the first position, indicates
the *setuid*, *setgid*, or the sticky bit permissions, and like the others, is
modified by either setting that first position to 4, 2, or 1, respectively, or
summing up some combination of them.

    $ sudo chmod -R 2775 shared/

The *ugo* (user, group, other) positions always need to be stated when using
*chmod*, but the setuid, setgid, and sticky bit are optional. I've added the
*-R* here, which means to act recursively on all sub-directories and files in
those sub-directories, if they already exist. It's not necessary to use the
recursive option if there are no preexisting such sub-directories and files,
and any new files and directories created in **shared/** will automatically
have the proper group ownership.

Things to note: the *setuid* (4) bit only applies to files. The *setgid* (2)
bit applies to both files and directories. The sticky bit (1) applies only to
directories. Setting the *setgid* bit, by adding a 2 as the first digit in the
*chmod* command above, means that we are enabling group ownership on that
directory and all files in it: new files and sub-directories created there
take the directory's group.

Once the directory is created and the setgid is set, then anyone in the named
group may be able to share and modify files in that directory.

Here's a link to a [nice discussion of *setuid*, *setgid*, and also of
the sticky bit][1].

[1]: https://linuxconfig.org/how-to-use-special-permissions-the-setuid-setgid-and-sticky-bits
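
As an added example (not part of the original page), the script below audits a shared tree set up as described above: it flags sub-directories missing *setgid*, regular files that picked up *setgid* from the recursive `chmod -R 2775`, entries owned by another group, and world-writable entries. It assumes Linux with GNU `stat` and `find`; the function names `audit_shared` and `harden_shared` and the demo paths are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: audit and tighten a setgid shared directory tree.
# Assumes Linux with GNU stat/find; function names are hypothetical.

# Print one finding per line for the tree at DIR; print nothing if it is clean.
audit_shared() {
    local dir=$1 gid
    gid=$(stat -c %g "$dir")   # numeric group owning the top directory
    # Sub-directories without setgid: new files there will not inherit the group.
    find "$dir" -type d ! -perm -2000 | sed 's/^/dir-missing-setgid /'
    # Regular files carrying setgid, e.g. after a recursive `chmod -R 2775`.
    find "$dir" -type f -perm -2000 | sed 's/^/file-has-setgid /'
    # Entries owned by a different group than the shared directory.
    find "$dir" ! -gid "$gid" | sed 's/^/wrong-group /'
    # World-writable entries: non-members could modify shared data.
    find "$dir" ! -type l -perm -0002 | sed 's/^/world-writable /'
}

# Keep setgid on directories only; leave other file permission bits alone.
harden_shared() {
    local dir=$1
    find "$dir" -type d -exec chmod 2775 {} +
    find "$dir" -type f -perm -2000 -exec chmod g-s {} +
}

# Demo on a constructed tree in a temporary directory (no sudo needed).
demo() {
    local tmp
    tmp=$(mktemp -d)
    mkdir -p "$tmp/shared/reports"
    touch "$tmp/shared/reports/notes.txt"
    chmod -R 2775 "$tmp/shared"        # same mode and -R flag as in the text
    echo "findings after chmod -R 2775:"
    audit_shared "$tmp/shared"
    harden_shared "$tmp/shared"
    echo "findings after harden_shared: $(audit_shared "$tmp/shared" | wc -l)"
    rm -rf "$tmp"
}
demo
```

An empty result from `audit_shared` means every directory in the tree carries *setgid*, no regular file does, and nothing is world-writable or owned by another group.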