How to access files belonging to someone else or another project

Users are allowed to change the default permissions file permissions in all folders they own. The default access rights to INCD filesystem is the folllowing:

/home

  • All files under /home are only accessible by the user.

/data

  • All files under /data/unixgrp/ are rwx for all users belonging to that group.

Example on how to change permissions for user abc123 belonging to group xyz:

//1 listening the files on a given folder

ls -l 
drwxr--r-- 1 abc123 xyz      4096 Nov 25 11:03 mydir
-rwxr-xr-- 1 abc123 xyz   4126231 Nov 25 15:42 myfile

  • On this example the file owner (abc123) has read, write and execute (rwx) for myfile while the group (xyz) has read and execute (r-x) rights and the remaining of users has read access (r--).

  • Now giving permissions for user def456 to read my files and folders:

//2 Changing file permissions 

setfacl -Rm   u:def456:rwx mydir 
setfacl -Rm d:u:def456:rwx mydir (this options only applies to new files)

  • Now giving permissions for a group abc:

//2 Changing file permissions

setfacl -Rm   g:abc:rwx mydir 
setfacl -Rm d:g:abc:rwx mydir (this options only applies to new files)

  • for further details on file permission and atributes in linux filesystems click here

NOTE We don’t recommend using chmod o+r, chmod o+w, or chmod o+x to give non-group members access to your project’s files. Instead, you should use access control lists to limit the access privileges of specific users


Revision #7
Created Wed, Apr 24, 2019 3:30 PM by João Pina
Updated Tue, Nov 19, 2019 8:35 PM by Jorge Gomes