Permission-comprehensive permission drill and example

We still have a problem. Under the current permission, the files and directories created under the Music directory have the general permissions of user bill and karen. That is,-rw

Application scenarios

Assume there are two users named bill and karen respectively. They all have music CD sets and want to create a shared directory.

They store their own music files in this directory.

User bill obtains the superuser permission through sudo.

========================================================== ====

Step 1

Bill created a group named music and added the user bill and karen to the group.

========================================================== ====

Step 2

Bill created a directory for storing music files.

Sudo mkdir/usr/local/share/Music

Because the object that bill is operating on is a file outside his main directory, he needs to have the permissions of the Super User.

========================================================== ====

Step 3

View Music directory permissions

[Allyes_op @ allyes ~] $ Ls-ld/usr/local/share/Music

Drwxr-xr-x 2 root 4096 May 30/usr/local/share/Music

You can see that this directory is owned by the root user. The permission value is 755.

========================================================== ====

Step 4

To make the directory shareable, Bill needs to change the group to which the directory belongs and grant the group write permission to the reorganization.

[Allyes_op @ allyes ~] $ Sudo chown: music/usr/local/share/Music/

[Allyes_op @ allyes ~] $ Sudo chmod 775/usr/local/share/Music/

========================================================== ====

Step 5

We still have a problem. Under the current permission, the files and directories created under the Music directory have the general permissions of user bill and karen. That is,-rw-r --.

This is because the default permission mask in the system is 0022.

This will not allow group members to write files belonging to other members in the group.

The solution is to change the permission mask used by bill and karen to 0002.

[Allyes_op @ allyes ~] $ Umask 0002

========================================================== ====

Step 6

Another problem is that every file and directory created by the member will be set to the valid Group of the user rather than the muisc group.

You can set setgid to fix this problem.

[Allyes_op @ allyes ~] $ Sudo chmod g + s/usr/local/share/Music

========================================================== ====

Note:

Here we have another problem. The mask set by the umask command can only take effect in the current shell session.

In the following content, we will introduce how to make the mask value of the umask command take effect permanently.