WID DataVault Permissions
WID DataVault permissions are managed through UNIX groups, ensuring controlled access to project directories, with specific read, write, and execute permissions.
WID DataVault Permissions
- WID Project Directories are owned by a custom UNIX group named after the Project PI and the Project Name. All Project members are in the custom UNIX group.
- Each Project Directory has Read, Write and Execute permissions for the Project's UNIX group. People who are not in the group do not have access.
- If the project members should be able to edit files, the file's UNIX group needs Write permissions. If the project members shouldn't edit certain files, remove the group Write permissions.
- DiscoverIT can update or fix permissions by request of the Project PI.
- All WIDites are in many UNIX groups. To ensure that new files are owned by the Project's specific UNIX group, Project Directories use the "sticky" bit.
Example Commands
| Command |
Example |
Description |
| chgrp |
chgrp GroupName FileName |
Change FileName's group to GroupName |
| chmod |
chmod g+w FileName |
Add group write permission to FileName |
| chown |
chown Username FileName |
Change FileName's User to UserName |
| groups |
|
- View your groups
- View UserName's groups
|
| ls |
ls -l FileName |
View FileName' permission |
| umask |
umask 002 |
New files are created with group write |
Unix Permissions and Examples
- To view the permissions of everything in the current directory run the following command:
ls -l
Permission Types
| Permission Type |
Description |
| - |
Unset permission - can't do |
| r |
Read/view file, list contents of a directory |
| x |
Execute/run the file, open directory |
| s |
replaces "x", force group ownership (lower s) |
| S |
Replaces "-" in execute, force group ownership (upper S) |
Permission Classes
|
User |
Group |
Other |
Description |
| - |
rwx |
rwx |
rwx |
Everyone on the fileserver can do anything |
| - |
rwx |
rwx |
r-x |
Same as above but only User and Group can write |
| - |
rwx |
rwx |
--- |
User and Group can do anything |
| - |
rwx |
--- |
--- |
Only User can do anything |
| - |
r-x |
r-x |
r-x |
No one can write, everyone can read and execute |
| d |
rwx |
rwx |
rwx |
Everyone can do anything to this directory |
| l |
rwx |
rwx |
rwx |
This is a link. The actual permissions are based on the source |
| d |
rwx |
rws |
--- |
Project Directory: Forces new files in folder to be owned by Group |
File Types
| - |
File |
| d |
Directory |
| l |
Symbolic Link |
