spurs
Flight Engineer
Flight Engineer
  • 1,475 Views

ACL question!

Jump to solution

Hi 

There was a question about managing permissions. However, I couldn't solve the last sentence. Please help!

I'll illustrate what I've done for each question

1. Create shared group directories /data/students and /data/profs and ensure that members of the group students have full access to /data/students, and members of profs have full access to /data/profs. The others entity should have no access at all.

A: chmod 770 dir, chgrp students /data/students, chgrp profs /data/profs

2. Ensure that all new files in these directories are automatically group-owned by the group-owner of the directory

A: [setgid] > chmod 2770 dir

3.Only the owner of a file is allowed to remove files 

A: [sticky bit] > chmod 3770 dir

4. User anna is head-master and should be allowed to remove all files

A: chown anna dir

5. All users from the group profs should have read permissions on all files in /data/students

A: ACL > setfacl -m d:g:profs /data/students

 

After that, I logged in one of the members in students and create file in /data/students, then tried to see this file as a member of profs. BUT GOT PERMISSION DENIED..

here is a picture 

spurs_0-1690564933078.png

it seems correct that group profs has a r-x permissions so should be able to navigate students folder, but it didn't..

 

 

Thank you for someone's help !

3 Solutions

Accepted Solutions
Chetan_Tiwary_
Moderator
Moderator
  • 1,459 Views

Hello @spurs !

Try this and let me know how this goes for you : 

image.png

 

View solution in original post

Chetan_Tiwary_
Moderator
Moderator
  • 1,447 Views

First command sets the ACL to the directory itself , second sets the default ACL which means that any new files or subdirectories created inside /data/students will inherit the same ACL.

View solution in original post

Chetan_Tiwary_
Moderator
Moderator
  • 1,433 Views

Glad that it helped @spurs ! 

View solution in original post

8 Replies
Chetan_Tiwary_
Moderator
Moderator
  • 1,460 Views

Hello @spurs !

Try this and let me know how this goes for you : 

image.png

 

spurs
Flight Engineer
Flight Engineer
  • 1,450 Views

Okayyyyyy! 

I think I got it.

It worked after I entered "setfacl -m g:profs:rx /data/students" 

Looks like I need to type "setfacl -m g:profs:rx /data/students" and "setfacl -m d:g:profs:rx /data/students" Honestly, not sure about if d:g:profs:rx is necessary 

Thank you!

Chetan_Tiwary_
Moderator
Moderator
  • 1,448 Views

First command sets the ACL to the directory itself , second sets the default ACL which means that any new files or subdirectories created inside /data/students will inherit the same ACL.

spurs
Flight Engineer
Flight Engineer
  • 1,439 Views

Make sense now!!!!!!!!!!! Thank you

Chetan_Tiwary_
Moderator
Moderator
  • 1,434 Views

Glad that it helped @spurs ! 

khokha
Flight Engineer
Flight Engineer
  • 1,356 Views

Hi,  you're not using RHEL v9 right?

ACL isn't illustrated in RHEL v9. 

spurs
Flight Engineer
Flight Engineer
  • 1,328 Views

I'm using RHEL9 and unfortunately, ACL is on the current exam.

khokha
Flight Engineer
Flight Engineer
  • 1,315 Views

How is that ?!! It isn't in the study guide material and not listed in the exam objectives.

I checked two websites of RedHat and couldn't find it, can please mention from where did you get  this information?

Thanks in advance

 

one more thing, can you mention from where you study this part older study guides or what?

Join the discussion
You must log in to join this conversation.