Several people are working on a project in “/home/share”
and they need to create documents and programs so that
others in the group can edit and execute these documents
as needed.
$ /usr/sbin/groupadd share
$ chown -R root.share /home/share
$ /usr/bin/gpasswd -a share
$ chmod 2775 /home/share
$ ls -ld /home/share
drwxrwsr-x 2 root share 4096 Nov 8 16:19 /home/share
^———- Note the s bit, which was set with the chmod 2775
$ cat /etc/group
…
share:x:502:chirico,donkey,zoe
… ^——- users are added to this group.
The user may need to login again to get access. Or, if the user is currently
logged in, they can run the following command:
$ su –
Note, the above step is recommended over “newgrp – share” since currently
newgrp in FC2,FC3, and FC4 gets access to the group but the umask is not
correctly formed.
As root you can test their account.
$ su – “You need to ‘-‘ to pickup thier environment ‘$ su – chirico’ ”
Note: SUID, SGID, Sticky bit. Only the left most octet is examined, and “chmod 755” is used
as an example of the full command. But, anything else could be used as well. Normally
you’d want executable permissions.
Octal digit Binary value Meaning Example usage
0 000 all cleared $ chmod 0755 or chmod 755
1 001 sticky $ chmod 1755
2 010 setgid $ chmod 2755
3 011 setgid, sticky $ chmod 3755
4 100 setuid $ chmod 4755
5 101 setuid, sticky $ chmod 5755
6 110 setuid, setgid $ chmod 6755
7 111 setuid, setgid, sticky $ chmod 7755
A few examples applied to a directory below. In the first example all users in the group can
add files to directory “dirA” and they can delete their own files. Users cannot delete other
user’s files.
Sticky bit:
$ chmod 1770 dirA
Below files created within the directory have the group ID of the directory, rather than that
of the default group setting for the user who created the file.
Set group ID bit:
$ chmod 2755 dirB
Moved: http://linuxpoison.blogspot.com/ 
Leave a comment