Skip to content

Data Sharing on $SCRATCH

To share the data with another cluster user or a research group, the $SCRATCH filesystem is sometimes used. It does not guarantee confidentiality but prevents anybody from seeing your data by mistake. Here are examples of how to move the data-to-share directory and change permissions accordingly.

Share data with members of one of your groups#

Let's imagine that user usera, belonging toGrpB project group among others, wants to share his dataset1_to_share_with_grpb and dataset2_to_share_with_grpb directories under $SCRATCH/users/usera with other members of group GrpB (userb and userc in this example)

Code Block (text)

$ id usera
uid=XXXX(usera) gid=263(GrpA) groups=263(GrpA),264(GrpB),3160(vpn-ssl-users)
$ getent group GrpB
GrpB:*:264:usera,userb,userc
$ ls -ld  $SCRATCH/users/usera/dataset*_to_share_with_grpb
drwx------ 1 usera GrpA 0 Dec  5  2018 $SCRATCH/users/usera/dataset1_to_share_with_grpb
drwxrwxr-x 1 usera GrpA 0 Jan  9  2019 $SCRATCH/users/usera/dataset2_to_share_with_grpb

To do that, usera, the owner of the directories, should:

  1. move the dataset1_to_share_with_grpb and dataset2_to_share_with_grpb  directories under $SCRATCH/public:

Code Block (text)

$ mv $SCRATCH/users/usera/dataset*_to_share_with_grpb $SCRATCH/public/
$ ls -ld  $SCRATCH/public/dataset*_to_share_with_grpb
drwx------ 1 usera GrpA 0 Dec  5  2018 $SCRATCH/public/dataset1_to_share_with_grpb
drwxrwxr-x 1 usera GrpA 0 Jan  9  2019 $SCRATCH/public/dataset2_to_share_with_grpb
  1. change the unix group of the dataset directories with the chgrp command:

Code Block (text)

$ chgrp -R GrpB $SCRATCH/public/dataset*_to_share_with_grpb 
$ ls -ld  $SCRATCH/public/dataset*_to_share_with_grpb
drwx------ 1 usera GrpB 0 Dec  5  2018 $SCRATCH/public/dataset1_to_share_with_grpb
drwxrwxr-x 1 usera GrpB 0 Jan  9  2019 $SCRATCH/public/dataset2_to_share_with_grpb

-R  option is used to recursively change the group of any file or subdirectory of $SCRATCH/groups/dataset1_to_share_with_grpb. 3. give (+) the permissions to the group (g) to * list the content (r) of dataset1_to_share_with_grpb, * modify the content such as creating/removing files inside it (w) * go down/through it (X)

with the chmod command:

Code Block (text)

$ chmod -R g+rwX $SCRATCH/public/dataset1_to_share_with_grpb 
$ ls -ld  $SCRATCH/public/dataset1_to_share_with_grpb
drwxrwx--- 1 usera GrpB 0 Dec  5  2018 $SCRATCH/public/dataset1_to_share_with_grpb

-R  option is used to recursively change the permissions on any file or subdirectory of $SCRATCH/groups/dataset1_to_share_with_grpb. The effect of the chmod g+rwXon files is the following:

  • r: right to read the file
  • w: right to modify the file
  • X: right to execute the file if it is already executable (required for script or binary files only).
  • remove (-) any access to anyone else (o) on dataset2_to_share_with_grpb:

Code Block (text)

$ chmod o-rwx $SCRATCH/public/dataset2_to_share_with_grpb 
$ ls -ld  $SCRATCH/public/dataset2_to_share_with_grpb
drwxrwx--- 1 usera GrpB 0 Jan  9  2019 $SCRATCH/public/dataset2_to_share_with_grpb

Share non-sensitive data with people not belonging to any of your groups#

Let's now imagine that user usera wants to share his data_to_share_with_userd directory under $SCRATCH/users/usera/ with userd who doesn't have any Unix group in common with usera:

Code Block (text)

$ id usera
uid=XXXX(usera) gid=263(GrpA) groups=263(GrpA),264(GrpB),3160(vpn-ssl-users)
$ id userd 
uid=YYYY(userd) gid=260(GrpD) groups=260(GrpD)
$ ls -ld  $SCRATCH/users/usera/data_to_share_with_userd
drwx------ 1 usera GrpA 0 Dec  5  2018 $SCRATCH/users/data_to_share_with_userd

To do that, usera, the owner of the data_to_share_with_userd directory:

  1. must move the data_to_share_with_grpb directory under $SCRATCH/public:

Code Block (text)

$ mv $SCRATCH/users/usera/data_to_share_with_userd $SCRATCH/public/
$ ls -ld  $SCRATCH/public/data_to_share_with_userd
drwx------ 1 usera GrpA 0 Dec  5  2018 $SCRATCH/public/data_to_share_with_userd

  1. since userd is not a member of any group of usera, usera has no other choice than giving (+) at least the permissions to anyone (o) to

  2. list the content (r) of data_to_share_with_userd,

  3. go down/through it (X)

with the chmod command:

Code Block (text)

$ chmod -R o+rX $SCRATCH/groups/data_to_share_with_userd 
$ ls -ld  $SCRATCH/groups/data_to_share_with_userd
drwx---r-x 1 usera GrpA 0 Dec  5  2018 $SCRATCH/groups/data_to_share_with_userd

-R  option is used to recursively change the permissions on any file or subdirectory of $SCRATCH/groups/data_to_share_with_userd. The effect of the chmod g+rX on files is the following:

  • r: right to read the file
  • X: right to execute the file if it is already executable (required for scripts and executable binary files only)

Share sensitive data#

please make a ticket at informatique@pasteur.fr and we will find a way to share the data conformant to the current regulation.