Common AFS Space

The common AFS space can be found at

Access rights are grantet by PeterSpeckmayer. There is a total space of 280Gb available at the moment.
  • data - backupped space to store important data like detector models or reference stdhep files, as well as talks and slides relevant to the studies
  • software - this space is used to store a reference installation for all the needed software. If you want to use this software instead of your local copy or from an lxplus machine you need to set the environment variables accordingly. A script is available to do this automatically:
    source /afs/
  • work - scratch space to store all generated events and analysis results (AIDA plots etc.). Total of 100Gb
  • work2 - same as work. Another 100Gb.

The directories work and work2 are intended as short term storage areas. Especially larger files (i.e. simulations of large event numbers) should be moved to castor instead.

Access rights (protection groups) on the groups AFS directory

The group ID of the LCD group @CERN is: ZF There are three protection groups for the ZF group:

  • zf:acladmins - contains the usernames of the persons with rights to manipulate the following two protection groups
  • zf:afsrestricted - Some directories (software, data) are write protected. Only persons in the group zf:afsrestricted do have write access there.
  • zf:afsaccess - Persons in this list have read access to all afs directories of the group and write access to some of them (work, work2)

  • system:anyuser - Some directories are world readable. The system:anyuser is modified automatically.
  • cern:zf - all persons with an account in the LCD group at CERN

AFS, commands

A user guide for the AFS filesystem @CERN can be found here: AFS @CERN and AFS user guide

Important commands for adding/removing users, inspecting the membership and creating new protection groups (if needed):

  • list membership of the group zf:afsaccess: > pts membership -name zf:afsaccess
  • add a user to the protection group: > pts adduser -user -group zf:afsaccess (removeuser to remove a user from the group)

Handling the access rights for directories on AFS:

  • show the access rights for the directory work: > fs listacl work
  • change the access rights for the directory software: > fs setacl -dir software -acl zf:afsaccess read (the access rights listed in AFS access rights can be set)
  • remove access rights of a protection group (acl) or a user of the directory software: > fs setacl -dir software -acl zf:afsaccess none

How to set access rights for subdirectories (recursivly): AFS walking through subdirs and setting rights

  • make subdirectories of directory software world readable: cd software; afind . -t d -e "fs setacl {} system:anyuser rl"
  • make subdirectories of directory software readable for the group zf:afsaccess: cd software; afind . -t d -e "fs setacl {} zf:afsaccess read"

For the admins of the AFS space:

  • afs_admin set_acl adds admins for the clic project
  • afs_admin set_acl data all adds all rights for the given accounts for the directory data
  • afs_admin set_acl -r data zf:afsrestricted all adds all rights for the acl zf:afsrestricted for the directory data and all its subdirectories

-- PeterSpeckmayer - 10-Aug-2010

Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r7 - 2010-08-10 - unknown
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    CLIC All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2023 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback