9.5总结与练习

1、设置权限，要求如下：
（1）创建g1组，要求创建一个属于redhat用户g1组的文件redhat.txt

[root@server Desktop]# groupadd g1
[root@server Desktop]# useradd redhat -g g1
[root@server Desktop]# id redhat
uid=3458(redhat) gid=40001(g1) groups=40001(g1)
[root@server Desktop]# su - redhat
[redhat@server ~]$ touch redhat.txt
[redhat@server ~]$ ll
total 0
-rw-r--r--. 1 redhat g1 0 Oct 30 07:01 redhat.txt

（2）新建/sc目录，所属组为group组，root用户和group组用户可在该目录下创建文件，其他人无任何权
限

[root@server Desktop]# mkdir /sc
[root@server Desktop]# ls -ld /sc
drwxr-xr-x. 2 root root 6 Oct 30 07:01 /sc
[root@server Desktop]# chown :g1 /sc
[root@server Desktop]# ll -d /sc
drwxr-xr-x. 2 root g1 6 Oct 30 07:01 /sc
[root@server Desktop]# chmod 770 /sc
[root@server Desktop]# ll -d /sc
drwxrwx---. 2 root g1 6 Oct 30 07:01 /sc
[root@server Desktop]# touch /sc/root.txt 
[root@server Desktop]# su - redhat
[redhat@server ~]$ touch /sc/redhat.txt
[redhat@server ~]$ su - susu
Password: 
[susu@server ~]$ touch /sc/susu.txt
touch: cannot touch '/sc/susu.txt': Permission denied

（3）新建/cw目录为财务部存储目录，只能对财务部人员可以写入，并且财务部人员所建立的文件都自动属于mygroup组中

[root@server Desktop]# mkdir /cw
[root@server Desktop]# chown :mygroup /cw
[root@server Desktop]# ll -d /cw
drwxr-xr-x. 2 root mygroup 6 Oct 30 07:07 /cw
[root@server Desktop]# chmod g+sw /cw
[root@server Desktop]# ll -d /cw
drwxrwsr-x. 2 root mygroup 6 Oct 30 07:07 /cw
[root@server Desktop]# groups mygroup
groups: ‘mygroup’: no such user
[root@server Desktop]# gpasswd -a susu mygroup
Adding user susu to group mygroup
[root@server Desktop]# groups susu
susu : su mygroup
[root@server Desktop]# su - susu
[susu@server ~]$ mkdir /cw/susu.cw
[susu@server ~]$ touch /cw/susus.cw01
[susu@server ~]$ ll  /cw
total 0
drwxr-sr-x. 2 susu mygroup 6 Oct 30 07:12 susu.cw
-rw-r--r--. 1 susu mygroup 0 Oct 30 07:12 susus.cw01

（4）设置 helen用户对于/sc和/cw目录可以读，写，执行

[root@server Desktop]# setfacl -m u:helen:rwx /{cw,sc}
[root@server Desktop]# getfacl /{cw,sc}
getfacl: Removing leading '/' from absolute path names
# file: cw
# owner: root
# group: mygroup
# flags: -s-
user::rwx
user:helen:rwx
group::rwx
mask::rwx
other::r-x

# file: sc
# owner: root
# group: g1
user::rwx
user:helen:rwx
group::rwx
mask::rwx
other::---
[helen@server ~]$ ll  /cw /sc
/cw:
total 0
-rw-rw-r--. 1 helen mygroup 0 Oct 30 07:16 helen.cw
drwxr-sr-x. 2 susu  mygroup 6 Oct 30 07:12 susu.cw
-rw-r--r--. 1 susu  mygroup 0 Oct 30 07:12 susus.cw01

/sc:
total 0
-rw-rw-r--. 1 helen  helen 0 Oct 30 07:16 helen.sc
-rw-r--r--. 1 redhat g1    0 Oct 30 07:05 redhat.txt
-rw-r--r--. 1 root   root  0 Oct 30 07:04 root.txt

（5）设置/test目录为公共存储目录对所有用户可以读，写，执行，但用户只能删除属于自己的文件（t权
限）

[root@server Desktop]# chmod o+wt /test
[root@server Desktop]# ll -d /test
drwxr-xrwt. 4 root root 255 Oct 23 09:50 /test
[root@server Desktop]# su - redhat 
[redhat@server ~]$ mkdir /test/redhat
[redhat@server ~]$ ll -d /test/redhat
drwxr-xr-x. 2 redhat g1 6 Oct 30 07:19 /test/redhat
[root@server Desktop]# su - susu
[susu@server ~]$ mkdir /test/susu
[susu@server ~]$ rmdir /test/redhat/
rmdir: failed to remove '/test/redhat/': Operation not permitted
[susu@server ~]$ rmdir /test/susu
[susu@server ~]$ ll -d /test/susu
ls: cannot access '/test/susu': No such file or directory

（6）在/test/dir里创建的新文件自动属于temp组

[root@server Desktop]# ll -d /test/dir
drwxr-xr-x. 2 root su 37 Oct 23 09:20 /test/dir
[root@server Desktop]# chown :temp /test/dir
[root@server Desktop]# chmod g+ws /test/dir
[root@server Desktop]# ll -d /test/dir
drwxrwsr-x. 2 root temp 37 Oct 23 09:20 /test/dir
[root@server Desktop]# mkdir /test/dir/root
[root@server Desktop]# ll -d /test/dir/root
drwxr-sr-x. 2 root temp 6 Oct 30 07:26 /test/dir/root