In step 3 of this exercise, it is not clear how to set up the necessary group ownership and permissions for collaboration without actually looking at the solution.
- /home/techdocs should really have SGID to ensure that new content is owned by the techdocs group. The solution manually changes group ownership and permissions on a single file which doesn't scale as a workflow.
In step 5, sub-directories get created where content is read-only for the group. (this is OK, except that a user called editor1 only gets read access which is a bit of a contradiction). In the solution, temporary umask changes are used to secure the content. The exercise misses the opportunity to reinforce how to set the umask persistently for individual users. Even in the previous GE, the lab script does this automatically instead of giving students the opportunity to practice this skill.
To summarize, a typical collaboration work folder has 3770 permissions and that's what should be reinforced in this lesson. This should be be coupled with a persistent umask of 027 for users in the work group which is significant in the light of the default umask change to 022 in RHEL9 and above.
- relates to
-
PTL-15298 RH124-10.0 Feedback: rh0020l-10.0 + Chapter 11 Controlling Access to Files,...
-
- In Progress
-
-
PTL-15367 RH124v10:Ch11s07 : Verifying permission on /home/techdocs" is marginally too strict
-
- In Progress
-
-
PTL-15453 LAB 11.7 use of umask
-
- In Progress
-
-
PTL-15288 Fix the Collaboration Directories
-
- In Progress
-