I work on an HPC and often I have to share files with other users. The most approachable solution is to have an external cloud storage and recline back and forth. However there’s some projects that are quite heavy (several TB) and that is unfeasible. We do not have a shared group. The following is the only solution I found which is not to just set al permissions to 777, and I still don’t like it.
Create a directory and set ACL to give access to the selected users. This works fine if the users create new files in there, but it does not work if they copy from somewhere else as default umask is 022. Thus the only appropriate solution is to change default umask to 002, which however affects file creation system wide. The alternative is to change permissions every time you copy something, but you all know very well that is not going to happen.
Does it really have to be such a pain in the ass?
I’m no sysadmin, I just run my homelab. Let me get this straight… You want to bypass system level access level restrictions with some form of control but not go through your company’s standard method of doing so because of bureaucracy?
If that’s the case: why not put something in front Like opencloud for example?
I mean, maybe OC is not what you need, but conceptually… would a middleman solution work for you? If so, you could go with a thousand different alternatives depending on your needs.
A cloud solution is indeed an option, however not a very palatable one. The main problem with a cloud solution would be pricing. From what I can see, you can get 1TB for about 10€/month. We’d need substantially more than that. The cost is feasible and not excessive, but frankly it’s a bit of a joke to have to use someone else’s server when we have our own.
Yes. Not a company but public research, which means asking for a group change may lead to several people in the capital discussing on whether that is appropriate or not. I’d like this to be a joke, but it is not. We’d surely get access eventually if we do that, but that would lead to the unfortunate side: if we work in that way every new person who has to get in has to wait all that paperwork.
Don’t bypass your organizational policies
I am not bypassing any policy: the HPC Is there to collaborate on and data can be shared. Not having a shared group is not a policy, it’s just that not all users are in the same group and users are added to just one group by default. We are indeed allowed to share files, hell most of the people I want to share stuff with are part of my own research group. ACL is allowed on the HPC. I’m asking how to properly use ACL.
If you have anything actually useful go ahead, otherwise don’t worry that I know better than you do what I should or should not do.
You are in way over your head
Stop now before you get yourself in hot water
Fuck off.
I think he meant self-hosting Opencloud
Yes. That’s what I recommended. Self-host whatever middleman software. Opencloud, WebDAV, S3, FTP, anything he puts in the middle can accomplish what he wants.
I see! Well, I currently do not have another server that has so much storage that we could use for thi purpose. Maybe in the future and that will solve a bunch of problems, this is only one of them.
We do have a storage server, but that is local only and backup only: not going to open it to the internet.
It is indeed a solution. What is absurd to me is to have to consider such a solution that requires two servers.
You don’t need additional storage. It’s one program you need to set up.
It is not something I can setup on that server, I would need a separate server to set up something of that kind.
If it’s a compliance problem, I get it. From a practical standpoint, FTP or WebDAV don’t require installing anything.
Not strictly about compliance, setting up FTP or WebDAV is technically complex without root access. You’d have to account for the fact that sessions on a HPC are time limited. Probably you can come up with some workaround that way, but I’m not sure that is any better than my current setup.
I recommended Self-hosting whatever middleman software. Opencloud, WebDAV, S3, FTP, anything you put in the middle can accomplish what you want.