11.3 ACL Management explain root wheel owner@ group@

RiBeneke

I have just upgraded to 11.3 and the new features are very welcome. Thank you iX!
In the new ACL Management (Sharing / Windows Shares (SMB) / <Select Share ... Edit ACL>) panel,
can someone please educate me on the meaning of root, wheel, owner@ and group@?
The User Guide does not help me here.
I assume that on the left, under File Information, root and wheel refer to the built-in user and group and should normally not be changed.
On the right, under Access Control List, are the settings for owner@ the settings that will apply to root?
And are the settings for group@ the ones that will apply to wheel?
Or do owner@ and group@ have some other meaning? Thanks.
 

anodos

Sambassador
iXsystems
In the screen you are looking at "root" is the Owner of the dataset, "wheel" is the Owner-Group of the dataset.

owner@ entries affect permissions for the Owner of a file. It's a special designator per NFSv4 RFC.
group@ entries affect permissions for the Owner-Group. Ditto regarding RFC.

So right now, root and wheel have full control. If you were to chown the file to "bob:users", bob and users would have full control without having to make changes to the actual ACL. It works like S-1-3-0 (CREATOR-OWNER) in the Windows world.
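
The owner@/group@ behaviour described in the reply above, as an added example that is not part of the original post and is not TrueNAS or Samba code: a simplified model of NFSv4-style ACL evaluation in which the special designators are resolved against the file's current owner and owner-group each time access is checked. The `File`, `User`, `check` and `chown` names, the three permission names, and the users carol and alice are assumptions made for illustration.

```python
# Simplified model of NFSv4-style ACL evaluation with the special "who" values.
# All names and sample data below are constructed for illustration.
from dataclasses import dataclass

@dataclass
class File:
    owner: str
    group: str
    acl: list  # ordered (who, type, perms) entries; perms is a set of strings

@dataclass
class User:
    name: str
    groups: set

FULL = {"read", "write", "execute"}

def matches(who, user, f):
    """Resolve the special designators against the file's *current* owner."""
    if who == "owner@":
        return user.name == f.owner
    if who == "group@":
        return f.group in user.groups
    if who == "everyone@":
        return True
    kind, _, name = who.partition(":")      # explicit "user:bob" / "group:users"
    return user.name == name if kind == "user" else name in user.groups

def check(user, f, wanted):
    """Walk ACEs in order; the first matching ACE to mention a bit decides it."""
    remaining = set(wanted)
    for who, ace_type, perms in f.acl:
        if not matches(who, user, f):
            continue
        if ace_type == "deny" and remaining & perms:
            return False
        if ace_type == "allow":
            remaining -= perms
        if not remaining:
            return True
    return False  # bits never granted are treated as denied in this model

def chown(f, owner, group):
    f.owner, f.group = owner, group         # the ACL itself is not touched

# Constructed sample: owned by root:wheel, full control for owner@ and group@.
share = File("root", "wheel", [("owner@", "allow", FULL), ("group@", "allow", FULL)])
bob = User("bob", {"users"})
alice = User("alice", {"users"})
carol = User("carol", {"wheel"})
```

Because the entries name owner@ and group@ rather than specific accounts, changing ownership moves the access with it, which is why these entries are worth reviewing whenever a dataset's owner or owner-group is changed.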
 

RiBeneke

Thank you for the clarification.
So under File Information on left side the User is Owner-User and the Group is Owner-Group.
Under Who on right side the Owner@ designator for Owner-User is logical, but I could not find an online reference to confirm it.
I have since reread the help ? note and see that the Owner@ designator is explained there. Apologies.
 

anodos

No problem. These things can seem a bit overwhelming on first exposure. Most of the ACL is defined in RFC3530 https://tools.ietf.org/html/rfc3530#page-50
 