Our Goals:
· For each faculty member to be able to post files in the “public” folder for each class and have them readable by all students.
· To have each student be able to write files to their own folders for each class they take. The faculty member for each class should also have full permissions to the student’s folder for their class so they can change or make notations on the student’s work.
· No students should be able to see other student’s work areas.
· Faculty should not be able to see student’s work from classes other than their own.
Our current directory structure is as follows: (note, I have a color coded Word document detailing the directory structure I would be glad to send)
/home/stu/dott1234 <= student home directory containing a folder for each class where students put their work. owner= student; group=facultyofclass; mask=7770
/home/fac/Rightmire <= faculty home directory containing a folder for each class taught. owner=facultymember; group=facultymember; mask=7755
each class folder contains a public folder for things like syllabus that are available to everyone.
each class folder also contains symbolic links to the work area for each student in that class (pointing to the class folder in the student home.)
/home/classes <= this folder contains symbolic links to each faculty members home directory mask=7755
Currently we have two shares mapped:
One to “My_classes” which maps to the users home directory: share mask =7770
For student that would be /home/stu/dott1234/
For Faculty that would be /home/fac/Rightmire/
The other is mapped to “all_classes” at the share point /home/classes share mask =7755
Issues:
· By default, the group owner of each new file is set to the primary group of the file creator. This will not work as students can be in several classes and need a different group owner for each different class. By placing a 7 in the first bit of the file permissions, we were able to make the group owner of the folder flow down to any files created in that folder. Now any files the student creates, have the group owner set to the faculty member of that class. Permissions on the files are set to 770. Thus the owner (student) and group (faculty) have full permissions to the files and no one else can see them. (This issue is resolved) However, if the students write to the folder by following the link in all_classes, the permissions are set to 7755. This means the faculty member can see the files but not write to them. It also means other students can see them as well, (if they could follow the link - which I don’t think they can)
· If a faculty member adds a file to the student’s work area, the owner and group will both be set to the faculty member. Thus the student will not be able to see the file. My guess is that faculty would only modify existing files and not be creating new ones in the student work areas. I assume in this area, the permissions would not change but the creator (not editor) would remain the owner of the file.
· If the faculty member enters their own work area through “my_classes” the mask is set to 7770 which means only the owner (faculty) and group (faculty) have full permissions, but students cannot read as desired. Possible options:
- If it is possible to have shares only visible to certain people, we could have one share for student_classes with 7770 permissions and another for faculty with 7755 permissions.
- Have the faculty only write through the all_classes share which does have the permissions set to 7755
- Another possible option would be to have the “my_classes” share only writable by students, and the “all_classes” share only writable by faculty. It would solve all problems as long as permissions don’t change on a student’s file when a faculty member modifies it.
Any suggestions would be most helpful.
· For each faculty member to be able to post files in the “public” folder for each class and have them readable by all students.
· To have each student be able to write files to their own folders for each class they take. The faculty member for each class should also have full permissions to the student’s folder for their class so they can change or make notations on the student’s work.
· No students should be able to see other student’s work areas.
· Faculty should not be able to see student’s work from classes other than their own.
Our current directory structure is as follows: (note, I have a color coded Word document detailing the directory structure I would be glad to send)
/home/stu/dott1234 <= student home directory containing a folder for each class where students put their work. owner= student; group=facultyofclass; mask=7770
/home/fac/Rightmire <= faculty home directory containing a folder for each class taught. owner=facultymember; group=facultymember; mask=7755
each class folder contains a public folder for things like syllabus that are available to everyone.
each class folder also contains symbolic links to the work area for each student in that class (pointing to the class folder in the student home.)
/home/classes <= this folder contains symbolic links to each faculty members home directory mask=7755
Currently we have two shares mapped:
One to “My_classes” which maps to the users home directory: share mask =7770
For student that would be /home/stu/dott1234/
For Faculty that would be /home/fac/Rightmire/
The other is mapped to “all_classes” at the share point /home/classes share mask =7755
Issues:
· By default, the group owner of each new file is set to the primary group of the file creator. This will not work as students can be in several classes and need a different group owner for each different class. By placing a 7 in the first bit of the file permissions, we were able to make the group owner of the folder flow down to any files created in that folder. Now any files the student creates, have the group owner set to the faculty member of that class. Permissions on the files are set to 770. Thus the owner (student) and group (faculty) have full permissions to the files and no one else can see them. (This issue is resolved) However, if the students write to the folder by following the link in all_classes, the permissions are set to 7755. This means the faculty member can see the files but not write to them. It also means other students can see them as well, (if they could follow the link - which I don’t think they can)
· If a faculty member adds a file to the student’s work area, the owner and group will both be set to the faculty member. Thus the student will not be able to see the file. My guess is that faculty would only modify existing files and not be creating new ones in the student work areas. I assume in this area, the permissions would not change but the creator (not editor) would remain the owner of the file.
· If the faculty member enters their own work area through “my_classes” the mask is set to 7770 which means only the owner (faculty) and group (faculty) have full permissions, but students cannot read as desired. Possible options:
- If it is possible to have shares only visible to certain people, we could have one share for student_classes with 7770 permissions and another for faculty with 7755 permissions.
- Have the faculty only write through the all_classes share which does have the permissions set to 7755
- Another possible option would be to have the “my_classes” share only writable by students, and the “all_classes” share only writable by faculty. It would solve all problems as long as permissions don’t change on a student’s file when a faculty member modifies it.
Any suggestions would be most helpful.