This page informs about our group network drive proni, how to connect to it and how to control file access on it.

Connecting to proni

Windows

We use the Gruppenlaufwerk provided by ZIH as a central access point for sharing files. The Gruppenlaufwerk is called proni. You best map proni as a network drive in the Windows explorer. In the remainder of this how-to I'll assume that you map it to drive letter Y. Do this by right click on the network symbol and choose "Map network drive …" ("Netzlaufwerk verbinden …" in German). In the following dialogue use

\\vs-grp01.zih.tu-dresden.de\proni

as location of the server and tick "Connect using different credentials". In the next step you're asked to provide username and password. The username should be

dom\<yourZIHusername>

with your ZIH-account password. If you're asked, you should agree that the network drive is automatically mapped at startup. If everything worked, you should have a new drive with the drive letter you chose which contains all the shared files. If it didn't work, it might be, because we haven't added you to the proni user group, yet. Check with someone who is responsible for that.

Linux

You can mount proni directly into a local directory through sftp. For example, to access proni in local directory

/home/myhome/proni

first make the directory with mkdir. Then, mount the actual proni into this directory with

sshfs ZIH-user-name@sftpg.zih.tu-dresden.de:/import/grp01/proni /home/myhome/proni

You can also setup SSH putlic key authentication so that you don't have to type in your password every time you reconnect. Information about this can be found by searching the internet, or, for example, here, or here.

The connection to proni will be cut automatically after some time of inactivity.

Access rights on proni

proni has a linux-based filesystem with which file access can be controlled very precisely. Files and directories on proni should fall into one of the following three use cases:

1. shared reading: The owner of the files allows everyone in the group to read the files, but only the owner can change, move, delete and add files.
2. shared editing: The owner of the files allows everyone in the group to read and edit the files he created, but only the owner can delete or move them. All group members can add new files which they can also delete.
3. shared ownership: All members of the group can equally read, edit, create and delete files.

When you create a new directory in proni the default access rights are different, when you do this in Linux or Windows. In the following I will explain the defaults and how they can be overwritten in the two operating systems.

Windows

The default access rights for new files in Windows are shared ownership, i.e., all group members can do everything with them. For example, when you copy your raw data to proni in the Windows explorer, everyone in the group can edit and delete these files.

You can change the access rights, but I highly recommend to do this with an external tool and not the Windows explorer. WinSCP appears to be very suitable. Install it. When asked to provide an admin password, you can skip this step. The program will the be installed only for your account. Then use WinSCP to connect to proni through sftp, i.e., you need to connect to the server

sftpg.zih.tu-dresden.de

using the SFTP protocol. After using your ZIH-login you will probably land in your personal ZIH home directory. You can navigate to proni by going to

/import/proni

You can then change the access rights for your file or directory by marking it, right clicking and opening properties. There is a field "octal" where you can type the following numbers to set the corresponding access rights:

for directories

1. shared reading: 2750
2. shared editing: 3770
3. shared ownership: 2770

for files

1. shared reading: 0640 (text and other data files), 0750 (executable files)
2. shared editing: 0770 plus its directory has to be set up for shared editing
3. shared ownership: 0770

Note that the changes you are making only apply to the selected files unless you tick the box which says something like "set rights recursively" when you selected a directory. When this is ticked, all the content of the directory is set to the corresponding rights.

It is ok to set the rights for directories listed above to files, but setting the listed rights for files on directories can make files that you add later unreadable by group members, i.e., this could break sharing.

You can only change rights of files or directories that you own, i.e., that you created. If you try to change access rights to files that you don't own, a 'permission denied' error will be raised, even if you had write access to the file through the group.

Linux

The default access rights for new files in Linux are extended shared reading. The extended part comes from Linux allowing all users, even those outside the group, to read the files. Notice, however, that this is irrelevant in proni, because no-one except for us has access to the proni root folder in the first place.

To change access rights in Linux simply use the built-in tools such as chmod with the settings described above. For example, to set folder analysis to shared editing do

chmod 3770 analysis

To set all files in analysis and its subfolders to shared ownership use

find analysis -type f -exec chmod 0770 {} +

To set analysis and all of its subfolders to shared ownership use

find analysis -type d -exec chmod 2770 {} +

Further information

The ZIH maintains some information about their file system services, but currently only in German.

For more information about file access see the Wikipedia page on File system permissions.