User Tools

Site Tools



This shows you the differences between two versions of the page.

Link to this comparison view

linux:groups-how-to [2019/01/21 11:07] (current)
seanburns created
Line 1: Line 1:
 +# Create Groups and Share Directories
 +## Date: Tue Sep 11 14:10:55 EDT 2018
 +## Updated: Mon Sep 24 15:26:25 EDT 2018
 +**Demo Notes:** The "user" and the *group* in the commands below should 
 +indicate a real user and a real group on the machine.
 +## Creating a new user and a new group
 +First, let's created a new user on the system:
 +``$ sudo useradd -m captkirk``
 +And then create a password for the new user:
 +``$ sudo passwd captkirk``
 +Now let's create a new group on our system:
 +``$ sudo groupadd warp_project1``
 +Let's add myself and user 'captkirk' to the new group:
 +``$ sudo usermod -aG warp_project1 sean``
 +``$ sudo usermod -aG warp_project1 captkirk``
 +Log out and log back in for the new membership in the group 
 +to take effect. To check that you're in the new group, 
 +simply run the *groups* command:
 +``$ groups``
 +## Creating a shared directory, based on group membership
 +Here I'll demonstrate how to create a shared directory using the *setgid* bit 
 +when controlling file permissions.
 +First, let me make a directory for sharing. I'll make one at the root 
 +``$ cd / ; sudo mkdir shared ; ls -ld shared/``
 +Now I'll change the ownership of the directory:
 +``$ sudo chown user:group shared/``
 +I next need to change the directory's permissions using *chmod*. Note that in 
 +previous *chmod* commands, I only used three numbers (e.g., 775). But here I'
 +adding a new number. The new number, located in the first position, indicates 
 +the *setuid*, *setgid*, or the sticky bit permissions, and like the others, is 
 +modified by either setting that first position to 4, 2, or 1, respectively, or 
 +summing up some combination of them.
 +``$ sudo chmod -R 2775 shared/``
 +The *ugo* (user, group, other) positions always need to be stated when using 
 +*chmod*, but the setuid, setgid, and sticky bit are optional. I've added the 
 +*-R* here, which means to act recursively on all sub-directories and files in 
 +those sub-directories, if they already exist. It's not necessary to use the 
 +recursive option if there are no preexisting such sub-directories and files, 
 +and any new files and directories created in **shared/** will automatically 
 +have the proper group ownership.
 +Things to note: the *setuid* (4) bit only applies to files. The *setgid* (2) 
 +bit applies to both files and directories. The sticky bit (1) applies only to 
 +directories. Setting the *setgid* bit on, by adding a 2 as the first bit in the 
 +*chmod* command above, means that we are enabling group ownership on that 
 +directory and all files in it.
 +Once the directory is created and the setgid is set, then anyone in the named 
 +group may be able to share and modify files in that directory.
 +Here's a link to a [nice discussion of *setuid*, *setgid*, and also of
 +the sticky bit][1].
linux/groups-how-to.txt ยท Last modified: 2019/01/21 11:07 by seanburns