Tip: Using ACLs to control file and directory access

March 18, 2019

GLADE users occasionally need to share files with others who have GLADE access but who aren’t in the same UNIX group. Rather than asking CISL to create a special group in such a case, consider using access control lists (ACLs) to provide the necessary permissions.

ACLs are tools for controlling access to files and directories outside of traditional UNIX permissions. The UNIX permissions remain in effect, but users can create ACLs to facilitate short-term file sharing as needed. In the Cheyenne/GLADE environment, the most common use cases are:

  • Sharing files among users in different NCAR labs or universities.

  • Sharing files with short-term visitors, interns, students, or others during a short project period.

See Using access control lists for examples of how to create ACLs to allow other individuals and groups to work with your files, how to propagate permissions to new files and directories, and how to remove ACLs when they are no longer needed.