A system administrator needs to ensure that a user named 'bob' can access a shared directory '/data' owned by group 'developers'. The directory has permissions 2775 and is owned by root:developers. Bob is a member of the 'developers' group. However, when Bob tries to create a file in '/data', it fails with 'Permission denied'. What is the most likely cause?
Trap 1: Bob's umask is set to 0077
umask affects default permissions of new files, but does not prevent file creation itself.
Trap 2: The setgid bit is not set
The permissions 2775 include the setgid bit (2), so it is set.
Trap 3: Bob's primary group is not developers
With setgid, new files inherit the directory's group, so Bob's primary group does not affect his ability to create files as long as he is a member of developers.
- A
The directory has incorrect SELinux context
SELinux contexts can prevent access even when standard permissions allow it. The default context for /data might be different, causing denial.
- B
Bob's umask is set to 0077
Why wrong: umask affects default permissions of new files, but does not prevent file creation itself.
- C
The setgid bit is not set
Why wrong: The permissions 2775 include the setgid bit (2), so it is set.
- D
Bob's primary group is not developers
Why wrong: With setgid, new files inherit the directory's group, so Bob's primary group does not affect his ability to create files as long as he is a member of developers.