francisaugusto
Contributor
- Joined
- Nov 16, 2018
- Messages
- 153
Hi,
I manage to mount nfsv4 shares served by TrueNAS Scale on an Ubuntu client. Kerberos works for authentication and mounting, and the permissions are correctly identified.
The idea is to export a home folder on my pool with several user directories.
`Home` is owned by root:root. I used the default NFSv4_HOME ACL. The user directories are owned by the respective users.
But I have this issue:
- If I use maproot user/group = root, It mounts well, I can access the folder, but the users can access each other's folders, and new files created by them are owned by root.
- If I don't use maproot at all, I can access the main folder, but can't even `cd` to the user's folder. A simple `ls` gives me a "permission denied".
I've tried other things, such as creating child datasets with their own permissions, owned by the users, but it also didn't work.
Any tips on how to successfully manage this? I wanted to try other nfs export options, such as secure,root_squash,no_all_squash, but I don't think it is possible via GUI.
I manage to mount nfsv4 shares served by TrueNAS Scale on an Ubuntu client. Kerberos works for authentication and mounting, and the permissions are correctly identified.
The idea is to export a home folder on my pool with several user directories.
`Home` is owned by root:root. I used the default NFSv4_HOME ACL. The user directories are owned by the respective users.
But I have this issue:
- If I use maproot user/group = root, It mounts well, I can access the folder, but the users can access each other's folders, and new files created by them are owned by root.
- If I don't use maproot at all, I can access the main folder, but can't even `cd` to the user's folder. A simple `ls` gives me a "permission denied".
I've tried other things, such as creating child datasets with their own permissions, owned by the users, but it also didn't work.
Any tips on how to successfully manage this? I wanted to try other nfs export options, such as secure,root_squash,no_all_squash, but I don't think it is possible via GUI.