Sharing data: Difference between revisions

Jump to navigation Jump to search

Sharing data (view source)

Revision as of 20:42, 13 October 2017

3,208 bytes added ,  7 years ago
Added discussion and examples of SUID
(Marked this version for translation)
(Added discussion and examples of SUID)
Line 61: Line 61:
{{Command|chmod 0774 <directory name>}}
{{Command|chmod 0774 <directory name>}}
In the context of the project space, the directory owner will be the PI who sponsors the roles of the students and collaborators.
In the context of the project space, the directory owner will be the PI who sponsors the roles of the students and collaborators.
=== Set User ID (SUID) ===
When creating files and directories within a parent directory there are cases where it is very useful to be able to match the owner or group of the new files or directories to the parent directory's owner or group automatically. By setting the Set User ID (SUID) permission on a directory, files and directories created in that directory will inherit that owner or group. The storage quotas on Cedar and Graham project spaces are enforced by group. Depending on a file's group it will count towards a different storage quota. By setting the SUID of a directory's group any files created in it will have the same group as the parent directory and will count towards the same quota as that parent directory. Lets walk through an example.
Start by checking the groups that <code>someuser</code> belongs to with the <code>groups</code> command.
<source lang="console">
[someuser@server]$ groups
someuser def-someuser
</source>
<code>someuser</code> belongs to two groups <code>someuser</code> and <code>def-someuser</code>. In the current working directory there is a directory which belongs to the group <code>def-someuser</code>.
<source lang="console">
[someuser@server]$ ls -l
drwxrwxr-x  2 someuser  def-someuser      4096 Oct 13 19:39 testDir
</source>
If we create a new file in that directory
<source lang="console">
[someuser@server]$ touch dirTest/test01.txt
[someuser@server]$ ls -l dirTest/
-rw-rw-r-- 1 someuser  someuser    0 Oct 13 19:38 test01.txt
</source>
we see that it is created belonging to <code>someuser<code>'s default group <code>someuser</code>. If we want a newly created file to belong to the same group as the parent folder we can set the SUID permission on the parent directory.
<source lang="console">
[someuser@server]$ chmod g+s dirTest
[someuser@server]$ ls -l
drwxrwsr-x  2 someuser  def-someuser      4096 Oct 13 19:39 dirTest
</source>
Then newly created files will have the same group as the parent directory
<source lang="console">
[someuser@server]$ touch dirTest/test02.txt
[someuser@server]$ ls -l dirTest
-rw-rw-r-- 1 someuser  someuser      0 Oct 13 19:38 test01.txt
-rw-rw-r-- 1 someuser  def-someuser  0 Oct 13 19:39 test02.txt
</source>
If we create a directory inside a directory with the SUID set it will have the same group as the parent folder and also have its SUID set.
<source lang="console">
[someuser@server]$ mkdir dirTest/dirChild
[someuser@server]$ ls -l dirTest/
-rw-rw-r-- 1 someuser  someuser      0 Oct 13 19:38 test01.txt
-rw-rw-r-x 1 someuser  def-someuser  0 Oct 13 19:39 test02.txt
drwxrwsr-x 1 someuser  def-someuser  0 Oct 13 19:39 dirChild
</source>
Finally it can be important to note the difference between a <code>S</code> (capital-S) and <code>s</code>. The capital-S indicates that execute permissions have been removed from the directory but the SUID is still in place. It can be easy to miss this and may result in unexpected permissions problems, such as other in the group not being able to access files within your directory.
<source lang="console">
[someuser@server]$ chmod g-x dirTest/
[someuser@server]$ ls -l
drwxrSr-x  3 someuser  def-someuser      4096 Oct 13 19:39 dirTest
</source>


== Access control lists (ACLs) == <!--T:10-->
== Access control lists (ACLs) == <!--T:10-->
Cgeroux
cc_staff
1,486

edits

Retrieved from "https://docs.alliancecan.ca/wiki/Special:MobileDiff/39576"

Navigation menu