I’ve been trying to get my ACLs to work for the last couple of days but I think it is time to ask for help.
I created a parent Dataset and 2 child datasets.
I created a single SMB share for the parent dataset, that way when the clients access the share they could also access the child datasets as they appear as folders.
Pool
|
---Parent
|
---Child 1
|
---Child 2
My intent is not to allow anyone to create, modify or delete the contents of the parent dataset but i do want people to have full control inside the child datasets.
The ownership is as follows
Everything works as expected inside the child datasets and people are not allow to create or modify the existing contents in the parent dataset.
However, when people are in the parent dataset, they can delete a child dataset from there. The dataset is not really deleted as it will reappear when they “refresh” their window but the contents inside the child dataset would be gone by then.
In parent dataset, no one has the permissions to “delete children” or “delete”. In the child datasets, the groups do have “delete” permissions as i want people to be able to delete the files they created inside the child dataset.
I can prevent people from deleting the child dataset if I remove the “delete” permissions for that child dataset. But this would also prevents users from deleting or renaming the contents inside the child dataset.
What am i doing wrong? How can i prevent clients from deleting the dataset via SMB?
ps. I'm using Truenas 12.0-U6
I created a parent Dataset and 2 child datasets.
I created a single SMB share for the parent dataset, that way when the clients access the share they could also access the child datasets as they appear as folders.
Pool
|
---Parent
|
---Child 1
|
---Child 2
My intent is not to allow anyone to create, modify or delete the contents of the parent dataset but i do want people to have full control inside the child datasets.
The ownership is as follows
- Parent – root:wheel
- Child1 – root:child1
- Child2 – root:child2
Everything works as expected inside the child datasets and people are not allow to create or modify the existing contents in the parent dataset.
However, when people are in the parent dataset, they can delete a child dataset from there. The dataset is not really deleted as it will reappear when they “refresh” their window but the contents inside the child dataset would be gone by then.
In parent dataset, no one has the permissions to “delete children” or “delete”. In the child datasets, the groups do have “delete” permissions as i want people to be able to delete the files they created inside the child dataset.
I can prevent people from deleting the child dataset if I remove the “delete” permissions for that child dataset. But this would also prevents users from deleting or renaming the contents inside the child dataset.
What am i doing wrong? How can i prevent clients from deleting the dataset via SMB?
ps. I'm using Truenas 12.0-U6