Hi Luca, I do not understand how exactly wozld the suggested change impact my work on the stat100* machines, but I know that I need both
- user analytics-privatedata, and - user goransm to be able to read and write any file in any directory in my home directory. Thanks. Best, Goran On Tue, Mar 3, 2020, 19:06 Luca Toscano <[email protected]> wrote: > Hi everybody, > > as part of https://phabricator.wikimedia.org/T246578 we'd like to enforce > some basic permissions via puppet to all the home directories on analytics > clients (stat/notebooks) of analytics-privatedata-users to > $user:analytics-privatedata-users 750. For example, let's pick my home, > /home/elukey: > > - it will get permissions elukey:analytics-privatedata-users (owner:group) > - it will get permissions set to 750 > > I am talking about only the home directory, not its content (so the > permissions will not be applied recursively). In this way we'd like to > protect PII data that people might copy from Hadoop to the local file > system, allowing only users from analytics-privatedata-users to read > between each other home dirs. > > If for any reason this change impacts your work, please let us know in the > aforementioned task. In theory this should not affect anybody, and keep our > data a little bit more safe :) > > Thanks! > > Luca (on behalf of the Analytics team) > _______________________________________________ > Analytics mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/analytics >
_______________________________________________ Analytics mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/analytics
