Skip to main content

Working with Linux Directory Permissions

Hands-On Lab

 

Photo of Bob Salmans

Bob Salmans

Training Architect

Length

00:30:00

Difficulty

Beginner

In this lab, we'll be working with directory permissions on a Linux host. We'll start by creating some groups and directories, and then set up permissions to only allow each group to access its own directory.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.

Working with Linux Directory Permissions

Introduction

In this lab, we'll be working with directory permissions on a Linux host. We'll start by creating some groups and directories, and then set up permissions to only allow each group to access its own directory.

Log in via SSH using the provided IP address, username, and password.

Working with Linux Directory Permissions

Create User Groups

First, we'll create four user groups:

  • accounting
    • Group ID: 1111
  • engineering
    • Group ID: 2222
  • management
    • Group ID: 3333
  • hr
    • Group ID: 4444

Use the sudo groupadd -g #### [groupname] command:

sudo groupadd -g 1111 accounting  
sudo groupadd -g 2222 engineering  
sudo groupadd -g 3333 management  
sudo groupadd -g 4444 hr  

Create Directories

Next, we need to create four directories:

  • accounting
  • engineering
  • management
  • hr

Create each directory using the sudo mkdir /directoryname command:

sudo mkdir /accounting
sudo mkdir /engineering
sudo mkdir /management
sudo mkdir /hr

Add Each of the Newly Created Directories to Its Associated Group

Use the command sudo chgrp groupname /directoryname to add each directory to its associated group:

sudo chgrp accounting /accounting  
sudo chgrp engineering /engineering  
sudo chgrp management /management  
sudo chgrp hr /hr

Set Group Permissions on Each of the Newly Created Directories

For each directory, use the command sudo chmod g+rwx /directoryname to give the group owner read, write, and execute permissions to the directory:

sudo chmod g+rwx /accounting  
sudo chmod g+rwx /engineering  
sudo chmod g+rwx /management  
sudo chmod g+rwx /hr  

Prevent Non-Group Members from Accessing Files

In order to prevent other non-group members from reading and executing files in each of the newly created directories, use the sudo chmod o-rx /directoryname command:

sudo chmod o-rx /accounting
sudo chmod o-rx /engineering
sudo chmod o-rx /management
sudo chmod o-rx /hr

Conclusion

Congratulations on completing this lab!