SOLVED Can't access NFS home directory/dataset

[Elegant]

Hi all,
I currently have a dataset called vol1/home that contains child datasets for each user. In order to mount them, they must be specified as individual exports which seemed simple enough until I tried to mount. So far, I have been unable to mount the home share for non-admin users. I've included a list of troubleshooting scenarios below but cannot determine why these events are happening.

Scenario #1 (vol1/home/kodi is a dataset):
root@freenas:/mnt/vol1/home # getfacl kodi # file: kodi # owner: kodi # group: domain admins owner@:rwxpDdaARWcCo-:-------:allow user:kodi:rwxpDdaARWcCo-:fdi----:allow owner@:rwxpDdaARWcCo-:------I:allow owner@:rwxpDdaARWcCo-:fdi---I:allow group:domain admins:rwxpDdaARWcCo-:fd----I:allow

Result:
User is able to 'access' the dataset but is met with cannot open directory '.': Stale file handle when attempting any action in the directory unless they are part of the Domain Admins group.

Scenario #2 (vol1/home/kodi2 is a not dataset):
root@freenas:/mnt/vol1/home # getfacl kodi2 # file: kodi2 # owner: kodi # group: domain admins group:kodi:rwxpDdaARWcCo-:-------:allow group:kodi:rwxpDdaARWcCo-:fdi----:allow group:BUILTIN\administrators:rwxpDdaARWcCo-:-------:allow group:BUILTIN\administrators:rwxpDdaARWcCo-:fdi----:allow owner@:rwxpDdaARWcCo-:------I:allow owner@:rwxpDdaARWcCo-:fdi---I:allow group:domain admins:rwxpDdaARWcCo-:fd----I:allow

Result: No issues (proper access), but this is not a dataset for setting quotas.

Scenario #3 (vol1/home/kodi3 is a dataset):
root@freenas:/mnt/vol1/home # getfacl kodi3 # file: kodi3 # owner: kodi # group: domain admins group:kodi:rwxpDdaARWcCo-:fdi----:allow group:BUILTIN\administrators:rwxpDdaARWcCo-:fdi----:allow group:domain admins:rwxpDdaARWcCo-:fd----I:allow owner@:rwxpDdaARWcCo-:fdi---I:allow

Result: User is unable to access the dataset unless they are part of the Domain Admins group. The difference between scenario #1 and #3 is that the permissions found here are a copy of scenario #2. Keep in mind that this scenario uses a dataset.

Has anyone ever experienced this issue? It appears as though the ACLs are having no effect and I'm getting the feeling this isn't feasible. Thanks!

 

[dlavigne]

Were you able to resolve this?

 

[Elegant]

Yes, I did. The issue was that I also had /mnt/vol1/home as an export. FreeBSD does not support cross-mount NFS exports like Linux, thus if you export /mnt/vol1/home and /mnt/vol1/home/user1 you are not be able to correctly mount the child dataset despite having created the export.

There are workarounds to this, technically someone could create a kludge setup with autofs which would require fetching the missing files from FreeBSD to start the service as they are missing in FreeNAS. In essence, you would mount the share elsewhere on FreeNAS using autofs and then export it from there ("chain mounting").

Ultimately, since this foiled my plans to use the sharenfs feature of ZFS and I did not wish to manually maintain the home exports, I chose to remove the child datasets and keep everything as directories under the /mnt/vol1/home dataset. I may revisit this in the future if FreeBSD supports the crossmnt option for NFS exports but this does not seem to be on the radar as a desired feature.

Thanks!