Sharing for Labs

1. Introduction

Storage space on CRSP has the concepts of Space Owners and Grantees

Space Owners
  • Are entitled to a baseline allocation and are all ladder faculty, PIs and UCI employee serving as PI/Co-PI on an extramural grant.

  • Can store files in their LAB and can partition LAB into shared and no-shared area.

  • Can grant access to their LAB storage space to Grantees: students, postdocs, and other faculty members.

  • Can purchase more space. Please see recharge.

Grantees
  • Are anyone with a UCNetID who are granted access by Space owners

  • Can access the LAB space to which they have been granted access by Space Owners and store files there.

Storage space on CRSP is divided into Private and Shared areas.

Private Area - HOME

This allocation space, called HOME, is for $HOME directories. Not used for sharing with others. This area is required for Linux accounts and is mainly used for an account related files. DO NOT use HOME for storing any data.

Shared Area - LAB

Space Owner decides how to divide its LAB allocation among . This allocation space, called LAB, is a shared space area per Space Owner. Space owner grants explicit access for this area to Grantees (students, postdocs, etc) and decides how to allocate the space. The LAB areas provide the most flexibility for access control and sharing. The key points of LAB area:

  • The space owner (e.g., faculty PI) by default has read access to every file and directory in the LAB

  • Those granted access (e.g., students) have a personal directory (folder) created for them under their UCNetID. Files stored here are viewed only by PI and the student.

  • A directory (folder) called share is available to all members of the lab who can read/write all files stored under it.

  • Only the PI has the ability to create files or new folders in the top-level of the LAB area.

  • Quota for base allocation is 1Tb. Quota is for the whole LAB area allocation and is a sum of what is stored in share and all personal directories.

CRSP has many (and sometimes competing) goals for access, sharing, security, manageability, and simplicity for researchers. One of the technical complexities of CRSP is that the underlying file system and access enforcement mechanisms are defined in Linux, but most access is from Mac and Windows environments.

In what follows, we will use the term file to mean file, folder, or directory. Linux (Unix) controls read and write access to each file independently for three different entities:

  1. The owner of the file. This is the UCNetID that originally created the file

  2. The group of the file. A grouping of UCNetIDs who might have access to this file

  3. The world (or others). Everyone else on CRSP

In CRSP LAB areas sharing is controlled by group permissions and by who is a member of the particular group. The world has no privilege to read or write files in any LAB area.
Owners of files may make their files explicitly private by removing all read/write permissions from group

2. Default Setup for Labs

In the following, we will use the lab for a PI ppapadop as an example. Grantees or lab members that were given an access to the LAB by the PI are UCNetIDs: ckhacher, itoufiqu, tandriol and iychang.

The <pi> is the owner of the space, in this example, ppapadop. There are two Unix groups pre-defined for all labs:

  1. <pi>_lab: Only the lab owner is in this group (e.g., ppapadop is in group ppapadop_lab)

  2. <pi>_lab_share: All members of the lab including the PI are in this group (e.g., ppapadop_lab_share)

2.1. Example Lab

This shows the ppapadop lab on CRSP with members: ckhacher, itoufiqu, tandriol, iychang. Notice that everyone in the lab has a folder named by UCNetID that is private to them and to the PI. In other words, user ppapadop who is a PI can see all files, but user itoufiqu can only see files in the itoufiqu and share folders.

The following graphic annotates the sharing with the itoufiqu and ckhacher as example users.

Example: LAB top-level folder (using MAC CRSP Desktop)

crsp lab share highlight

Please see guides below that provide more information and explain how to get an account, use CRSP and get help:

CRSP Howto Guide

Troubleshooting CRSP Access

Frequently asked questions

LAB allocation

File recovery

Recharge

CRSP Access

How CRSP is built