Hi Ally,
GT 5.2 has a path restriction feature that can do what I think you're
asking. See '-restrict-paths' here:
http://toolkit.globus.org/toolkit/docs/5.2/5.2.5/gridftp/admin/#commandlineoptions-server
For instance, the configuration '-restrict-paths RW~/,R/data' would
enable read/write access to the users home directory and read access to
the /data directory, while denying all other paths.
If that doesn't fit your needs, can you give some examples of what you'd
like to do?
Mike
On 1/22/2014 6:23 AM, Ally Hume wrote:
Does anybody know of a way to perform GridFTP's file permission authorization
using a call out to an external component rather than simply mapping users to a
unix user and replying on the unix file permissions to handle the
authorization? Ideally I'd like for the call out service to be able to specify
a restricted set of folders from all the folders that the unix user has
permissions to access.
Is this type of thing possible with GT5? I've seen hints of people trying to
do something like this with GT4 but I'm not sure if this is possible with the
latest version.
Regards,
Ally Hume
Software Architect
EPCC, The University of Edinburgh
