We recommend users share data with others on /scratch and /g/data through project memberships.
/scratch/$PROJECT and /g/data/$PROJECT
The scratch and gdata project folders are designed for collaborations within the project. By default the permission is set to 770 with the setgid bit enabled, allowing all project members to read, write and execute, and forcing all future files created inside the folder by default owned by the group $PROJECT. For example, the folder /scratch/xy11 has its permission set to rws for all the project members of xy11.
Any folder created inside /scratch/$PROJECT by default has its permission set to 755 with the setgid bit enabled. For example, user abc111 has the default project folder on /scratch set to rs.
By default, it is ready for all members in project xy11 to read and execute and forcing all future files and folders created inside it be owned by project xy11.
If you want to remove the group rx permission of all the files inside your own folder in your default scratch project folder, please run
It is also possible to share data with someone outside the project by adding the rule into the access control list (ACL) but it has to be set by NCI admin to allow the access at the project folder level. Please launch a ticket on help.nci.org.au or send us (email@example.com) an email with a short description of why the data has to be shared across projects.
This folder can be used to share data across projects on /scratch temporarily and data created in /scratch/public is deleted in a week.
Data created in /scratch/public by default is owned by the owner's default project and is debited from that project's storage allocation on /scratch.
The permission is set to world readable by default so that all Gadi users can see the data.
To restrict the access, you can set ACLs to the files. For example, to allow only the user jjj777 to copy the file log.log, remove the access of others first, and then add rX access for jjj777 to the folder abc111_to_jjj777 recursively.
On Gadi, by default, the access permission of home folder $HOME is set to 700, only accessible by the user owns it. For example,
The default 700 permission can be modified, however, we remove group- and/or world-writeable permissions on any home folders once they are detected.
We insist on no writable permissions on any home folders for anyone other than the owner because it contains configuration files for user account and once writable to others, user account can be compromised.