CIS-2230 Lab #7: Users and Permissions

In this lab you will experiment with creating users and groups and setting file permissions.

Part 1: Creating Users and Groups

  1. Use the adduser command to create users alice, bob, carol, and dave. Give them passwords you won't forget (although you can change them latter using the passwd command as root). It is fine for this lab to use the same password for all the users even though that would not be recommended in practice.

  2. Verify that you can switch to each user with the su - username command. Use whoami to verify your identity, and don't forget to exit from the shell created by su (otherwise you'll end up with several layers of shells and user identities, which could be confusing).

  3. Use the addgroup command to create groups staff, faculty, and students. Add alice and bob to the staff group. Add bob and carol to the faculty group. Add dave to the students group. Note that bob is a member of both the staff and faculty groups.

  4. Verify group membership with the groups command while logged in as each user.

Part 2: File Permissions

  1. Create a directory named f-project in /usr/local/shared (you may have to create that directory as well). Change the group owner of f-project to faculty. Ensure that group members have full access (rwx) to the folder, but nobody else has any access (other than root, of course). Activate the SGID bit in the folder's permissions so that group membership is automatically propagated to the files/subfolders.

  2. Log in as bob and create a file in /usr/local/shared/f-project. What are the permissions on the file? Who owns the file and in what group is the file? Verify that other faculty (i.e., carol) can access the file for both reading and writing. Verify that neither alice nor dave can access the file. What blocks their access, precisely?

  3. If you are using the default umask set by Ubuntu, you'll notice that newly created files are publicly readable. Log in as carol and temporarily change her umask to block all public access. Create a new file in /usr/local/shared/f-project and verify that the permissions are as expected. Is bob able to access (read and write) the file carol just made?

Submission

For this lab, submit a document that shows the commands you used in each part and any relevant observations. This lab is worth 20 points.

Last Revised: 2025-10-17
© Copyright 2025 by Peter Chapin <peter.chapin@vermontstate.edu>