Child pages
  • Using Quarry to manage RFS permissions
Skip to end of metadata
Go to start of metadata

Using Quarry to Manage RFS Permissions & Creating Shares

Step-by-step guide to using Quarry to manage RFS permissions and Creating Shares

  1. First, you will need to create a "quarry" account by following the instructions in this link:  http://kb.iu.edu/data/avkx.html.  You will need to follow the instructions only in the section "Requesting an account or software."
  2. If using Windows, obtain an SSH client from IUWare.  The one currently recommended there is PuTTY.  You can get it from IU Ware at the following location::
    http://iuware.iu.edu/Windows#Details/781
  3. Use your SSH client software to connect to quarry.uits.indiana.edu
  4. The first time you connect, you'll be prompted to cache the server key, which you can do by clicking Yes
  5. Log in using your network ID username and password (if you can't login, be sure you have actually requested a Quarry account at http://itaccounts.iu.edu).
  6. If this is the first time you have logged into your Quarry account:
    1. Choose your default shell (if you have no preference, type 1 and press Enter).
    2. Type
      soft add +rfs
      
      to setup your Quarry account to work with RFS. [Only need to do this once and not everytime you login]
  7. To change to your RFS directory, type
    cd /afs/iu.edu/home/u/s/username/
    
    (replace u, s, username with the first initial of your username, the second initial of your username, and your full username--so if your username is jtjones, then you would type cd /afs/iu.edu/home/j/t/jtjones/). [You will need to do this everytime you login].  If you are using a "project account," use the following to get to your account:  cd /afs/iu.edu/home/projects/projectname
  8. Use commands of the Andrew File System to manage groups and permissions to folders in RFS.  This is detailed in several IU KB articles, including:
    http://kb.iu.edu/data/asxa.html

NOTES

  • Anyone you wish to share data with will need to have an RFS account.  They can obtain one by following these directions:  http://kb.iu.edu/data/alja.html.
  • Other users can view the data of the shared RFS Account by following the instructions in the following link:  http://kb.iu.edu/data/arxp.html.
  • It is recommended that you create a folder within the root of your RFS account that you will use to share data, create a group that has permissions to that folder, and add users to the group (this will be shown to you in the  directions below)

To create a group and do the following to create a group and assign permissions:

   **Note:  In all cases below, username1 is your user name and username2 is the user name of the person you are granting access to.**

Create a group; add members.

  • pts cg -na username1:rsshared
  • pts ad -u username2 -g username1:rsshared
  • Other functions you may wish to do is as follows:
    • To remove a user from the rsshared group:  pts rem -u username2 -g username1:rsshared
    • To check who is in the rfsshared group:  pts m -na username1:rsshared
    • To delete 'rsshared group', pts d -na username1:rsshared
    • To find out what groups you own:  pts listowned username1

Create a folder and assign the rsshared members rights to this folder

  • http://kb.iu.edu/data/arxp.html (follow the directions under Windows)
  • Create a folder called "rsfiles" under your space like you normally would
  • Once the folder is created, do the following to assign permissions.
    • fs sa -d . -a username1:rsshared l
    • fs sa -d rsfiles -a username1:rsshared write (this assigns all permissions with the exception of administrator; if you wish to give a more limited set of permissions, then, please see the following link:  http://docs.openafs.org/Reference/1/fs_setacl.html (The commands that you can have instead of "write" starts with the letter "a" and ends at "write".  You would substitute these letters or words where you see "write" in the command line above.

Other functions you may wish to check

  • To check the rights you have given to the group:  username1:rsshared for the rsfiles directory, do the following command: 
    • fs la -p rsfiles
  • To remove the rights you have given to the group:  username1:rsshared for the rsfiles directory, do the following command:
    •  fs sa -d rsfiles -a username1:rsshared none

Once you've done this, others can see your files by them going to:

You can browse at the top level to other people's accounts, or have others go to yours by mapping:

 \\rfs.iu.edu\afs-home (file://\\rfs.iu.edu\afs-home)

         Then, click on the first initial of the account name and then the second and then select the account name (example: if my user name is jtjones, then I would first go to directory "j" and then directory "t" and then "jtjones" and then directory, "rsfiles")

Instructions for mapping a drive to the shared user's directory::

If the shared users directory was jtjones, please map the drive accordingly --

  • Connect to the "VPN" by following the directions in the following link:  http://kb.iu.edu/data/aygt.html
  • Go to "My Computer"
  • Go to Tools/Map Network Drive
  • Select for Drive:  "R"
  • For folder type in the following to map to jtjones directory:  "\\rfs.iu.edu\afs-home\j\t\jtjones
  • Make sure to select the "Reconnect at logon" box. 
  • Press "Finish"