setfacl

Alice is the new CEO of Facebook. She meets with a group young engineers who are using the setfacl command to set permissions. The engineers decide that they will do a live demo for the CEO. First, they need to create a new account on the main RHEL server for Alice Cammon (cammona). Next, they will need to make her part of the existing group executives as her primary group and leaders as her secondary. As CEO, she must be the only person in the company who has write access to /home/executives/the_bottom_line.txt. Please show all of the commands that the team must run. Assume that Laura A. (username adderlyl) will be running all of the commands (using sudo when required) at the direction of the rest of the team.

Sure! Here are the commands that the team should run to achieve the desired setup:

1. Create a new account for Alice Cammon:
   • sudo useradd -m -s /bin/bash cammona
   • The -m option creates a home directory for the new user, and -s /bin/bash sets the user's shell to Bash.
2. Add Alice Cammon to the group executives:
   • sudo usermod -a -G executives cammona
   • The -a option appends the group to the user's existing group memberships.
3. Add Alice Cammon to the secondary group leaders:
   • sudo usermod -a -G leaders cammona
4. Set the ownership of the file /home/executives/the_bottom_line.txt to Alice Cammon and the group executives:
   • sudo chown cammona:executives /home/executives/the_bottom_line.txt
5. Set the permissions of the file /home/executives/the_bottom_line.txt to allow only the owner (Alice Cammon) to write to the file:
   • sudo setfacl -m u:cammona:w /home/executives/the_bottom_line.txt

This command sets a special access control list (ACL) that allows only the user cammona (Alice Cammon) to write to the file.

After running these commands, Alice Cammon should be able to log in to the system and access the file /home/executives/the_bottom_line.txt, but no other user (even those in the group executives) should be able to write to the file.