Home Directory Service
As the Home Directory folders are stored on a system that uses UNIX permissions, their permissions must be set using UNIX parameters. Permissions for files and folders in UNIX are set using three levels:
- Owner permissions — a single user (computing ID) must be set as the owner of the share. Typically, they will have full permissions to the folder.
- Group permissions — a group (typically a MyGroup) is set to allow non-owners access to the files in the share. They will usually have permissions similar to the owner or slightly more restrictive.
- Other (world) permissions — access permissions for any users who are not the owner or in the (including people browsing your site with a Web browser).
Types of UNIX Permissions
- READ or LIST permission allows others to view a file or folder. For example, someone given this permission could use a text editor to see what's in a file that has read permission and could make a copy of this file. Read (or List) permission for a folder lets you see the folder contents.
- WRITE permission lets others make changes to a file and save them. However, files may not be deleted unless WRITE permissions are given to the containing folder. WRITE permissions must also be set in a folder to create new files in it.
- ACCESS or EXECUTE permission for a folder lets others open files in the folder and allows access through that folder to a subfolder.
Permissions for Web Pages
In order to be viewable on the Web, your pages must have Other (world) permissions set to READ. Also, your home directory, (e.g., /home/mst3k/) must be set to allow others to ACCESS the folder's contents, and your myweb/html directory (which must contain all files you wish others to view on the Web) should be listed as LIST and ACCESS in order for your Web pages to be viewable by others.
Any files created using the Home Directory Service inherit the permissions of their parent folder.
For all other folders, if you plan to share the files with others using the Home Directory Service, you should grant LIST and ACCESS permissions. Otherwise, for all folders except /home/mst3k and /home/mst3k/myweb/html, we recommend that you set their permissions to PRIVATE (remove LIST, WRITE, and ACCESS permissions).
To manage file permissions you may use the ITS UNIX Settings Change Request form (NetBadge login required) or change them directly through the web interface at https://www.homedir.virginia.edu/myhome.
For each file or folder in your Home Directory, you may right click on it and choose Properties to set the permissions:
The permissions for each file are arranged in a grid; the rows allow you to set Owner, Group, and Other (world) permissions from top to bottom. The columns allow you to set LIST/READ, WRITE, and ACCESS/EXECUTE permissions from left to right. Note that permissions do not propagate down when set on folders, i.e. if users need access to a folder and files within it, permissions must be set on each item individually.
The dropdown next to "Group" lets you control what MyGroup is given group access to the share. It will list any groups that contain you as a member.