Introduction¶
Learn how to configure and verify SUID, SGID, and sticky bit permissions on Linux files and directories. This topic is common in day-to-day Linux administration and is useful for RHCSA preparation because you must be able to perform the task from a terminal and then prove that it worked.
What You Will Learn¶
By the end of this guide, you should be able to:
- Identify when this task is required
- Run the main commands safely
- Verify the result from the command line
- Avoid common mistakes that cause exam and production problems
Required Knowledge¶
You should know how to open a shell, use sudo, edit text files with vi or another terminal editor, and read command output carefully. On RHEL, Rocky Linux, and AlmaLinux, most package examples use dnf. Ubuntu systems may use different package names or apt, but the core administration idea is usually similar.
Practical Command Examples¶
Run commands deliberately and verify each step before moving on.
chmod u+s /path/to/program
chmod g+s /srv/shared
chmod +t /srv/dropbox
ls -ld /srv/shared /srv/dropbox
find /usr/bin -perm -4000 -type f
Command Explanation¶
The first command usually inspects the current state so you do not change the wrong object. The middle commands make the requested change. The final commands show the state after the change. For RHCSA tasks, this order matters: inspect, change, verify.
Use sudo when the operation changes system configuration, users, services, storage, firewall rules, or security settings. If a command fails, read the error before trying a different command.
Verification Commands¶
Use separate commands to confirm the result. Do not rely only on the command returning successfully.
stat /srv/shared
ls -ld /tmp
Example output may look like this:
command completed successfully
expected setting is visible in the verification output
Common Mistakes¶
- Setting SUID on scripts is unsafe and often ignored.
- Forgetting SGID on shared directories causes new files to inherit the user primary group instead.
RHCSA-Style Practice Task¶
Create a group shared directory where new files inherit the group and users cannot delete each other files in a dropbox directory.
After completing the task, write down the verification command you used and the exact output field that proves success.
Quick Checklist¶
- Confirm the target user, file, service, disk, or mount before changing it.
- Run the command with the correct option and full path when needed.
- Verify the result with an independent command.
- Make persistent changes only after the runtime test works.
- Keep a backup before editing critical configuration files.
Summary¶
This RHCSA topic is about doing a small administrative change correctly and proving the final state. Use a careful workflow: inspect the current configuration, apply the minimum required change, test it immediately, and make it persistent only when the task requires persistence.