2 related problems/questions:
1) HOW TO SET DEFAULT PERMISSIONS ON FILE CREATION WHICH DO NOT INHERIT FROM DIRECTORY
In Debian-based Linux there are generally default permissions of 644/755 for files/directories (now 664/775). As I understand it, this happens because the umask is set to 022 or 002, which governs the default permissions for the creation of new files. However, in FreeNAS (Windows ACL style permissions) default file creation simply inherits the permissions of the containing directory. I see from the setfacl man page
https://www.freebsd.org/cgi/man.cgi?format=html&query=setfacl(1)
that there is an inheritance flag. However, I am looking more for a default rather than inheritance.
Is there a way to change this to have the creation behavior be closer to what is done in Debian-based systems?
2) HOW CAN OWNER DELETE FILE REGARDLESS OF PERMISSIONS
I'm using Windows ACL style permissions, but I'm noticing a difference between what my user on my FreeNAS server can do and what I can do from my Ubuntu CIFS mount or my mount from Windows 8.1. From the server directly I can do:
$ touch testfile
$ ls -lat
drwxr-xr-x+ 2 user user 3 Jul 25 15:29 .
-rwxr-xr-x+ 1 user user 0 Jul 25 15:29 testfile
drwxr-xr-x+ 17 user user 18 Jul 25 14:45 ..
$ setfacl -m everyone@:rwx::deny testfile
$ ls -lat
total 15
drwxr-xr-x+ 2 user user 3 Jul 25 15:29 .
----------+ 1 user user 0 Jul 25 15:29 testfile
drwxr-xr-x+ 17 user user 18 Jul 25 14:45 ..
$ rm -rf
$ touch testfile
$ setfacl -m everyone@:rwx::deny testfile
$ ls -lat
total 14
drwxr-xr-x+ 2 user user 2 Jul 25 15:35 .
drwxr-xr-x+ 17 user user 18 Jul 25 14:45 ..
However, from the mounted CIFS share from Ubuntu:
$ ls -lat
total 1
---------- 1 user user 0 Jul 25 15:29 testfile
drwxr-xr-x 2 user user 0 Jul 25 15:29 .
drwxr-xr-x 17 user user 0 Jul 25 14:45 ..
$ rm -rf testfile
rm: cannot remove ‘testfile’: Permission denied
SETUP
* FreeNAS-9.3-STABLE-201506292130
* Connect with both Windows 8.1 and Ubuntu 14.04 (CIFS via automount)
* Why these things are a problem: Git mostly. I don't want to have to log into my FreeNAS server to run nas, or check out my repo to some other drive if I can avoid it. Especially considering things were working with my old file server; I'd like to get the same functionality IF POSSIBLE.
CIFS SETTINGS
NetBIOS name: freenas
Workgroup: WORKGROUP
Description: FreeNAS Server
DOS charset: CP437
UNIX charset: UTF-8
Log level: Minimum
Local Master: CHECKED
Time Server for Domain: CHECKED
Guest account: nobody
File mask: 0644
Directory mask: 0755
Unix Extensions: CHECKED
Zeroconf share discovery: CHECKED
Hostnames lookups: CHECKED
Server minimum protocol: ---------
Server maximum protocol: SMB2
Allow execute always: CHECKED
Obey pam restrictions: CHECKED
Bind IP Addresses:
192.168.1.162
192.168.1.172
Idmap Range Low: 90,000,001
Idmap Range High: 100,000,000
SHARE SETTINGS
Browsable to Network Clients: CHECKED
VFS Objects: aio_ptheread, streams_xattr
Periodic Snapshot Task: storage1/home - every 3 hours - 1month
Auxiliary Parameters: none
VOLUME OPTIONS
Compression level: Inherit (lz4)
Share type: Windows
Enable atime: Inherit (on)
ZFS Deduplication: Inherit (off)
VOLUME PERMISSIONS
Apply Owner (user): CHECKED
Apply Owner (group): CHECKED
Apply Mode: CHECKED
Mode: (GREYED OUT)
Permission Type: WINDOWS
Set permission recursively: NOT CHECKED
UBUNTU AUTOMOUNT SETTINGS:
files -fstype=cifs,credentials=/root/.smbcredentials2,rw,iocharset=utf8,exec ://freenas/files