NDG Linux Essentials - Challenge Lab A: User Management

Case Scenario

1. As the Linux Administrator for fast-growing company, you havebeen tasked with creating, modifying, and removing user accountsfrom the Linux server. The company has just hired 9 new employeesto fill 3 newly designed departments. The departments that havebeen created are Engineering, Sales and IS. The server must besetup with the appropriate files, folders, users, groups andpermissions to ensure a successful launch of the newly designeddepartments.

Objectives

• Create a directory at the root (/) of the file system for eachdepartment. This name should reflect the department name that willuse the directory.
• Create a group for each department. This name should reflectthe department name that the group will be assigned.
• Create an administrative user for each of the departments.
  • The user will have a Bash login shell.
  • The user will belong to the respective group for eachdepartment. This will need to be the user’s primary group.
• Create two additional users for each department.
  • The users will have a Bash login shell.
  • The users will belong to their respective group for eachdepartment. This will need to be the user’s primary group.
• For security reasons, the following modifications will need tobe made to each of the departments' respective directories:
  • Ensure that the owner of each of the directories is thedepartment administrator and the group ownership is the group foreach department.
  • The department administrator will have full access to theirrespective department directories.
  • Ensure that only the owner of a file in the department’sdirectory can delete the file. The user will also have ownership oftheir respective department folders.
  • Normal users in each department will have full access (Read,Write and Execute) to their respective department folders.
  • The department folders will ONLY be accessible byusers/administrators in each of the respective departments. Ensurethat no one else will have permissions to the folders.
• Create a document in each of the department directories.
  • The ownerships on this file will be the same as the directoryit is located in.
  • The document should contain only one line of text that states,“This file contains confidential information for thedepartment.”
  • This file can be read by any user in the department, but canonly be modified by the department administrator. No one else haspermissions to this file.

Curriculum Resources

1. Module 6 – Working with Files and Directories
2. Module 13 – System and User Security
3. Module 14 – Create a New User
4. Module 15 – Ownership and Permissions
5. Module 16 – Securing Permissions, Links, and FileLocations

Deliverables

• Use the appropriate command to verify each user and group hasbeen created.
• Use the appropriate command to verify each user’s groupassignment.
• Use the appropriate command to verify the directory creationand the permission settings.
• Use the appropriate command to verify the files are created intheir respective directories.