Home Directories
Access to data (i.e. files and directories) on NeSI is controlled by Access Control Lists (ACLs).
Default permissions differ by filesystem.
- Each user has their own private user group.
- By default home directories belong to that user's account and are not accessible by other users.
- The default permissions mode for home directories is 2700, i.e.
- Sticky bit is set (so permissions are inherited)
- Owner has read, write and execute
- Group has no permissions
- Other has no permissions
Project Directories
- Projects are granted two directories by default
- a persistent directory in
/nesi/project - a scratch directory in
/nesi/nobackup - Project directories are group directories, i.e. a directory that is shared by all members of a group
- The Project's Project Owner (PO) is responsible for specifying and approving who has what access to a Project Directory:
- Currently via support requests to NeSI Support.
- In the future via My NeSI.
Group Directories
- All users belonging to a group are able to read and write in the group directory
- By default group directories belong to root and the group, but are not accessible by other users
- Read-only access can be granted to a group directory on a per user basis, or by creating a Reader Group which will granted Read Only access.
- Wider access can be granted if approved by the Project's PO
- Default permissions mode for group directories is 2770, i.e.
- Sticky bit is set, so permissions are inherited
- Owner has read, write and execute
- Group has read, write and execute
- Other has no permissions
For an overview of the NeSI filesystems see: NeSI Filesystems and Quotas