I have scheduled my EX-200 on 25-0-2019, please give me some great tips.
and please help me with this one.
set umask 0066 for newly created users! the way i do it echo "umask 0066 >> /etc/profile, echo "umask 0066 >> /etc/bashrc" , i was thinking it sets default umask for all the users including system's & root, could it be that i copy the function or part of script from /etc/profile that checks for UID to set umask and create a snap-in file /etc/profile.d with modified mask.
Here is a big tip: Look at the published objectives and go from there (I'm assuming EX200 for RHEL 8):
I mention this because umask isn't in them. As a result, you won't be tested on umask. -- at least not in the manner you are asking about.
There is this, which might have something to do with umask: Diagnose and correct file permission problems. Even so, this isn't the scenario you asked about.
I was just thinking about this: Why would anyone use 0066 for a umask value?
With files, this would result in 0600 (rw-------), which makes sense.
With directories, however, this will result in 0711 (rwx--x--x). Why give execute premissions to group and others without the ability to (at least) read the directory?
This can lead to problems:
[bob@server63 ~]$ id
uid=1001(bob) gid=1002(bob) groups=1002(bob),1001(sales) ...
[bob@server63 ~]$ ls -ld /opt/test
drwx--x--x. 2 root sales 22 Sep 22 20:34 /opt/test
[bob@server63 ~]$ ls -l /opt/test
ls: cannot open directory .: Permission denied
And, if a file is created in the directory, you get this (which, of course, would only have an impact if groups and others needed access to the file):
[bob@server63 ~]$ ls -l /opt/test/test.txt
-rw-------. 1 root sales 13 Sep 22 20:34 /opt/test/test.txt
[bob@server63 ~]$ cat /opt/test/test.txt
cat: /opt/test/test.txt: Permission denied
While directories with 711 permissions can obviously exist, I would imagine that it would be highly improbable that Red Hat would ask you to do such a thing on a certification exam.