How to control access rights for LFC/SRM files

From PDP/Grid Wiki
Jump to navigationJump to search

Storing files on the grid is one thing. Controlling access to these files is a different matter. This page is the result of an ongoing investigation on how to control access rights for different storage systems (currently: dCache and DPM), as well as the way a files is stored and accessed on the Local File Catalog (LFC).

Case #1: dCache

Step 1: Creating your own directory in SRM-space

srmmkdir ....

Step 2: Copying and registering your file

lcg-cr ....

Step 3: Looking at the permissions

  • LFC
  • SRM : srm-get-permissions

Step 4: Modifying the permissions

  • LFC
  • SRM : srm-set-permissions

Step 5: Verifying access control

  • LFC
  • SRM : srm-get-permissions
  • Try to access the file as another user

Case #2: DPM

Step 1: Creating your own directory in DPM-space

srmmkdir .... ??
dpns-mkdir

Step 2: Copying and registering your file

lcg-cr ....

Step 3: Looking at the permissions

  • LFC
  • SRM : srm-get-permissions is broken
    • dpns-getacl

Step 4: Modifying the permissions

  • LFC
  • SRM : dpns-setacl

Step 5: Verifying access control

  • LFC
  • SRM
  • Try to access the file as another user