Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Google Cloud Platform icon

Managing and Troubleshooting File Permissions

This lab touches on most things anyone would need to know when navigating and troubleshooting a filesystem. It will facilitate practice on octal permissions, setting ACLs, working with SELinux, special bits, and file attributes to complete a set of tasks that could happen in the real world.

Google Cloud Platform icon

Path Info

Clock icon Intermediate
Clock icon 45m
Clock icon Jan 24, 2020

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Set /var/www/html up Using ACLs to Allow the devs Group Access

    First, we should run getfacl /var/www/html to get some baseline information.

    Since we don't see any currently set ACLs, let's set our own with the following command:

    setfacl -m d:g:devs:rwx /var/www/html

    Now anyone in the devs group can navigate to, and write to, /var/www/html.

  2. Challenge

    Fix Startup Errors for Apache

    Trying to run systemctl start httpd will give errors. Running journalctl -xe will show lines similar to this:

    Jan 09 20:32:46 Server1 httpd[7107]: (13)Permission denied: AH00091: httpd: could not open error log file /etc/httpd/l>
    Jan 09 20:32:46 Server1 httpd[7107]: AH00015: Unable to open logs

    It looks like a problem with the error log file, which is /var/log/httpd/error_log.

    ls -lZ /var/log/httpd/error_log shows:

    -rw-r--r--. 1 root root unconfined_u:object_r:admin_home_t:s0 0 Jan  9 20:17 /var/log/httpd/error_log

    Let's use restorecon to fix it:

    restorecon /var/log/httpd/error_log
    systemctl start httpd

    The service starts.

  3. Challenge

    Set up the /var/www/devs Directory so That All Files Created Are Owned by the devs Group

    First we should run ls -ld /var/www/devs to get a base of information about this directory.

    Then we can run the following commands to set it up as directed:

    chmod g+w /var/www/devs
    chown root.devs /var/www/devs
    chmod g+s /var/www/devs

    This will set the setGID bit on the directory and enable all new files and folders created to be owned by the devs group.

  4. Challenge

    Move /var/www/devs/index.html to /var/www/html and Make Sure the Page Is Served Correctly

    First we'll run mv /var/www/devs/index.html /var/www/html.

    This returns an "Operation not permitted" error. Since that's not a normal permission denied error, let's look at file attributes.

    lsattr /var/www/devs/index.html shows that the file has the immutable flag set. chattr -i /var/www/devs/index.html will allow us to do what we need for this task.

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans