release notes | Book: 1.9.5, 1.9.12 (opt, FHS), 2.11 (FHS), 2.12 (FHS), 2.13 (FHS), 2.14 (FHS), | Wiki | Q&A black_bg
Web: Multi-page, Single page | PDF: A4-size, Letter-size | eBook: epub black_bg

dCache configuration

The dCacheSetup file contains a number of settings that may be adjusted to configure dCache’s permission settings. These settings are are described in this section.

[return to top]


The permissionHandler setting describes the Permission Handler chain that dCache will use. It contains a list of permission handlers that will form the chain. Valid permission handlers are and Not specifying a permissionHandler value is equivalent to specifying the UnixPermissionHandler.

No spaces

Remember when writing permissionHandler options that the value must be a single line leaving no space before and after the separating comma.

Example 16.1. Only use Unix authorisation model

The following setting results in dCache using Only the Unix authorisation model. The decision about whether an end user is authorised is based on file and directory ownership and group-ownership and on the file or directory permissions:

Example 16.2. Only ACLs authorisation model

Only the NFS v4 ACL authorisation model is used:

Example 16.3. ACLs first, Unix as a fall-back

The ACL permissions are checked first. If ACLs do not state whether an operation is allowed or denied then Unix permissions are checked:,

[return to top]

Database connection

In the ACL Configuration section of the dCacheSetup file uncomment the variable aclConnUrl and replace the database name chimera in the URI with the name of the ACL database just created. If the database is hosted by a remote PostGreSQL instance then the host part of the URI (localhost in the default) must also be replaced.

If the database is aclpnfs and hosted by the PostgreSQL instance on machine, the correct configuration line is


Apply changes to all doors

The change must be applied to the dCacheSetup file on all doors. If the PostgreSQL instance hosting the database is on the same machine then localhost may be used.


Many sites can refer to a node using just the short name; for example, db-server instead of in the above example.