Skip to content

Managing data access

Managing data access

In many situations, managing data and access to it can be quite complex.

Depending on your data sources, and your desire or requirement to limit access to some or all of your data, setting up a directory structure that meets all the requirements can be challenging.

You should feel free to write us at vacchelp@uvm.edu to ask questions or to arrange a meeting to discuss your project and different data access management schemes.

Organizing data and programs

Home directories

By default, access to data on the VACC file servers is by PI group, and the members of a PI group can typically see each other's files, including much of each user's home directory. We highly discourage users from sharing data or programs from their home directories, as home directories will be deleted when the user leaves UVM (or their sponsorship is cancelled).

Home directories should be used for files that are truly specific to the user only. Users are responsible for copying any data in their home directory to their own computers prior to the end of the sponsorship or affiliation with UVM.

Shared directories

Each PI will have a shared directory under /gpfs1/pi/<PI NetID>. That space is writable by every member of the group. We generally recommend that 'raw' data be put into a directory of its own and, once there, have permissions set to prevent inadvertent modification or deletion. Software, including any scripts written by group members or installed from other sources, that is to be shared by the group should be installed here into its own directory.

Processed data is most often organized either by person or by project. If the processed data is not used by multiple lab members, then having each person create a directory with their NetID under /gpfs1/pi/<PI NetID> is a workable scheme. However, if processed data is to be shared among multiple members, it may be better to organize by project, whether that is by grant, by proposed publication, by analytic technique, etc.

Default permissions for new files

Again, by default, when new files are created, they are set with full permission to the owner, and read/execute but not write permission to all other users. Some groups may want to change that. To do so, each user must modify their ~/.bashrc file to add a umask command, then log out and back in. A common setting is

umask 0002

which will add write permission to the members of the group owner. To set new files to have group write and to completely exclude other users, instead use

umask 0007