SYS: Create and configure set-GID directories for collaboration.

Share this link

Note: This is an RHCSA 7 exam objective.

Let’s assume two users belonging to the team group, user01 and user02, who want to share a directory called shared.

Create the team group:

# groupadd -g 50000 team

Create the shared directory:

# mkdir /home/shared

Change the ownership of the directory:

# chown nobody:team /home/shared

Assign the set group ID bit (SGID) to the directory:

# chmod g+s /home/shared

Allow the members of the team group to write into the shared directory:

# chmod g+w /home/shared

Remove the permissions for all other users:

# chmod o-rwx /home/shared

Note: The three last commands can be resumed in only one to choose among these:

# chmod g+ws,o-rwx /home/shared
# chmod 2770 /home/shared

Create the two users and assign them the team group in addition to their own group:

# useradd -G team user01
# useradd -G team user02

Note: This can be done in two steps:

# useradd user0X; usermod -aG team user0X

Check the configuration:

# su - user01
$ cd /home/shared
$ touch nothing
$ ls -l
total 0
-rw-rw-r--. 1 user01 team 0 Nov 12 09:45 nothing

Finally, if you want the team group members to be able to see each other’s files but not to delete them, type:

# chmod +t /home/shared
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)

Leave a Reply

8 Comments on "SYS: Create and configure set-GID directories for collaboration."

Notify of
Sort by:   newest | oldest

Hi CertDepot,

When creating a group is it necessary to create a gid 50000 like in your example? What if on the exam the question will just only create a group and it did not mention to create an ID on it? Thanks!

Hey Cert Depot – Can you expound on the relationship of umask on the SGID directory? I think when adding users, if the UID is below 199, then the umask gets set to 022, which will produce files with permissions like “-rw-r–r–” and that’s not good for sharing . When I was following your tutorial, it was a bit confusing when you did “touch nothing” and then nothing picked up permissions “-rw-rw-r–” For folks running into that behavior, check out and read through /etc/profile and search for “umask” that might help with some confusion. Taking my exam tomorrow –… Read more »

Anything that GID can do that ACLs can’t ?


Upcoming Events (CET)

There are no events.

RHCSA7: Task of the day

Allowed time: 10 minutes.
Create two new user accounts "steve" and "oliver".
Create a group "team". Create a directory "shared".
All files put into the "shared" directory by "steve" or "oliver" should belong to the "team" group and be only visible by them.

RHCE7: Task of the day

Allowed time: 10 minutes.
Configure a system to forward all email to a central mail server at (change the IP address accordingly).

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...