rsnt_translations
56,420
edits
Sharing data: Difference between revisions
Jump to navigation
Jump to search
no edit summary
No edit summary |
No edit summary |
||
| Line 3: | Line 3: | ||
<translate> | <translate> | ||
<!--T:24--> | <!--T:24--> | ||
<i>Parent page: [[Storage and file management]]</i> | |||
<!--T:49--> | <!--T:49--> | ||
| Line 130: | Line 130: | ||
{{Command|prompt=[user@gra-login1]$|umask -S | {{Command|prompt=[user@gra-login1]$|umask -S | ||
|result=u=rwx,g=rx,o=}} | |result=u=rwx,g=rx,o=}} | ||
This means that, by default, new files that you create can be read, written and executed by yourself, they can be read and executed by members of the group of the file, and they cannot be accessed by other people. | This means that, by default, new files that you create can be read, written and executed by yourself, they can be read and executed by members of the group of the file, and they cannot be accessed by other people. <b>The <code>umask</code> only applies to new files. Changing the <code>umask</code> does not change the access permissions of existing files.</b> | ||
<!--T:41--> | <!--T:41--> | ||
| Line 176: | Line 176: | ||
<!--T:45--> | <!--T:45--> | ||
Note that this change does | Note that this change does <i>not</i> mean that your files have been inappropriately exposed in the past. Restrictive access permissions have been set on your home, project, and scratch directories since the beginning. Unless the permissions were changed to give <i>execute</i> permission to other users on these folders, they still cannot be accessed by them. | ||
=== Changing the permissions of existing files === <!--T:46--> | === Changing the permissions of existing files === <!--T:46--> | ||
| Line 189: | Line 189: | ||
<!--T:8--> | <!--T:8--> | ||
The file permissions discussed above have been available in Unix-like operating systems for decades now but they are very coarse-grained. The whole set of users is divided into just three categories: the owner, the group, and everyone else. What if you want to allow someone who isn't in a group to read a file - do you really need to make the file readable by everyone in that case? The answer, happily, is no. Our national systems offer | The file permissions discussed above have been available in Unix-like operating systems for decades now but they are very coarse-grained. The whole set of users is divided into just three categories: the owner, the group, and everyone else. What if you want to allow someone who isn't in a group to read a file - do you really need to make the file readable by everyone in that case? The answer, happily, is no. Our national systems offer <i>access control lists</i> (ACLs) to enable permissions to be set on a user-by-user basis if desired. The two commands needed to manipulate these extended permissions are | ||
* <code>getfacl</code> to see the ACL permissions, and | * <code>getfacl</code> to see the ACL permissions, and | ||
* <code>setfacl</code> to alter them. | * <code>setfacl</code> to alter them. | ||