Changes between Version 2 and Version 3 of access/AccessFS

Oct 26, 2016 5:04:48 PM (4 years ago)
Martin Dix



  • access/AccessFS

    v2 v3  
    4646= File access control lists =
     48File access control lists allow finer grained control than the normal unix user, group and other permissions. They're used here to ensure that all access users (members of the access group at NCI) can use files in ~access and that the several members of the access.admin group can maintain the directories.
     50As an example for a particular file
     52% ls -l ~access/data/ancil/access_v2/qrparm.mask
     53-rw-rw-r--+ 1 saw562 access.admin 245760 Apr 20  2011 /projects/access/data/ancil/access_v2/qrparm.mask
     55% getfacl ~access/data/ancil/access_v2/qrparm.mask getfacl: Removing leading '/' from absolute path names
     56# file: projects/access/data/ancil/access_v2/qrparm.mask
     57# owner: saw562
     58# group: access.admin
     60group::rwx                      #effective:rw-
     61group:access:r-x                #effective:r--
     62group:access.admin:rwx          #effective:rw-
     67Default FACL settings for directories should mean that all files created in ~access have read/write permission for the access.admin group and read permission for the access group.
     69If you have problems with file permissions send a message to access_help.
     71== FACLs and /short/PROJECT and /home ==
     73The /short/$PROJECT directories normally have read permission only for project members which can make wider collaboration difficult. The CSIRO p66 and BOM dp9 projects have used FACLs so that all access members can see the top level directories. Individual users then have the option of making their /short/PROJECT/USER directories more open.
     75Note that this doesn't affect permissions of directories that have more restrictive file permissions like {{{$HOME/.ssh}}}. **CHECK HOW THIS WORKS.**
    4877= User file system =