ACL is driving me nuts

[SecCon]

Just trying to follow the instructions to create a basic SMB share on my test machine but no matter what I do I am not able to use my "admin" credentials - I don't need anything else - to log on to the share from the Windows machine. I also think I may have caused additional ACL's unintentionally yet find no way to restore default and begin from scratch.

Looks like this now:

Anyone for a bit of an explanation that is not only "select appropriate group / user" and tell me what I should select instead of just presenting infinite possibilities that may go infinitely wrong.

/scale/scaletutorials/datasets/permissionsscale/

 

[LarsR]

I wonder if it's the same as for the root user and access to shares for the new "admin" user is denied.
You could try to create a test user, give it permissions and try to access the share. If it works iX has removed access to shares for the admin user.

 

[anodos]

I wonder if it's the same as for the root user and access to shares for the new "admin" user is denied.
You could try to create a test user, give it permissions and try to access the share. If it works iX has removed access to shares for the admin user.

Only SMB users can access SMB shares. Whether a particular user can access an SMB share is indicated by the "Samba Authentication" field in the webui when you expand the particular user.

 

[SecCon]

So I guess I make a test user and add smbuser to its rights. Will check that.

Still doesn't explain why admin has no access, nor if I messed up any ACL as per my screenshot.

 

[SecCon]

There is no Samba or SMB in the dropdown of all weird rights

However, I found a small checkbox below the dropdown that says Samba.

I don't get it, why so many access auxiliary groups and SMB not one of them? Because I assume that auxiliary groups has some access functionality?

Oh, wonderful: This attribute cannot be changed.
I cant make the admin account a samba user?

- - -

testuser was granted Samba by default and works drive mapped, now for some tests

 

[SecCon]

and had to add this before able to RWX

which I thought was ok, but no

Error: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/middlewared/job.py", line 426, in run await self.future File "/usr/lib/python3/dist-packages/middlewared/job.py", line 463, in __run_body rv = await self.middleware.run_in_thread(self.method, *([self] + args)) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1252, in run_in_thread return await self.run_in_executor(self.thread_pool_executor, method, *args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/main.py", line 1249, in run_in_executor return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs)) File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run result = self.fn(*self.args, **self.kwargs) File "/usr/lib/python3/dist-packages/middlewared/schema.py", line 1322, in nf return func(*args, **kwargs) File "/usr/lib/python3/dist-packages/middlewared/plugins/filesystem_/acl_linux.py", line 678, in setacl return self.setacl_posix1e(job, data) File "/usr/lib/python3/dist-packages/middlewared/plugins/filesystem_/acl_linux.py", line 637, in setacl_posix1e verrors.check() File "/usr/lib/python3/dist-packages/middlewared/service_exception.py", line 70, in check raise self middlewared.service_exception.ValidationErrors: [EINVAL] filesystem_acl.dacl: Presence of [USER_OBJ] entry is required.

wonderful error message