SYS: Create and configure set-GID directories for collaboration.

Share this link

Note: This is an RHCSA 7 exam objective.

Let’s assume two users belonging to the team group, user01 and user02, who want to share a directory called shared.

Create the team group:

# groupadd -g 50000 team

Create the shared directory:

# mkdir /home/shared

Change the ownership of the directory:

# chown nobody:team /home/shared

Assign the set group ID bit (SGID) to the directory:

# chmod g+s /home/shared

Allow the members of the team group to write into the shared directory:

# chmod g+w /home/shared

Remove the permissions for all other users:

# chmod o-rwx /home/shared

Note: The three last commands can be resumed in only one to choose among these:

# chmod g+ws,o-rwx /home/shared
# chmod 2770 /home/shared

Create the two users and assign them the team group in addition to their own group:

# useradd -G team user01
# useradd -G team user02

Note: This can be done in two steps:

# useradd user0X; usermod -aG team user0X

Check the configuration:

# su - user01
$ cd /home/shared
$ touch nothing
$ ls -l
total 0
-rw-rw-r--. 1 user01 team 0 Nov 12 09:45 nothing

Finally, if you want the team group members to be able to see each other’s files but not to delete them, type:

# chmod +t /home/shared
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 5.00 out of 5)
8 comments on “SYS: Create and configure set-GID directories for collaboration.
  1. redhat0329 says:

    Hi CertDepot,

    When creating a group is it necessary to create a gid 50000 like in your example? What if on the exam the question will just only create a group and it did not mention to create an ID on it? Thanks!

    • CertDepot says:

      I think it is better to create a specific group ID with a big number because this is a good way to remind you that there will be no user associated with this group.
      Also, if you don’t choose a big number, the group ID will follow the previous group ID created and next time you create a user, user ID and group ID will be different numbers.

  2. letters2u1992 says:

    Hey Cert Depot – Can you expound on the relationship of umask on the SGID directory?

    I think when adding users, if the UID is below 199, then the umask gets set to 022, which will produce files with permissions like “-rw-r–r–” and that’s not good for sharing . When I was following your tutorial, it was a bit confusing when you did “touch nothing” and then nothing picked up permissions “-rw-rw-r–”

    For folks running into that behavior, check out

    and read through /etc/profile and search for “umask” that might help with some confusion.

    Taking my exam tomorrow – wish me luck!


  3. hallo says:

    Anything that GID can do that ACLs can’t ?

Leave a Reply

Upcoming Events (Local Time)

There are no events.

RHCSA7: Task of the day

Allowed time: 5 minutes.
Create a user account named "tony" with password “redhat” and belonging to a secondary group called “team”.

RHCE7: Task of the day

Allowed time: 15 minutes.
Configure a Samba server called MYSERVER, belonging to the MYGROUP group, sharing the /shared directory with the name "shared".

Follow me on Twitter

Poll for favorite RHEL 7 book

What is your favorite RHEL 7 book to prepare RHCSA & RHCE exams?

View Results

Loading ... Loading ...

Poll for most difficult RHCSA 7 topic

What do you think is the most difficult RHCSA 7 topic?

View Results

Loading ... Loading ...

Poll for most difficult RHCE 7 topic

What do you think is the most difficult RHCE 7 topic?

View Results

Loading ... Loading ...