CIFS share and unix permissions..

[widde]

Hi everyone!
I have read the documentation a little bit and are trying to get cifs/smb working on my FreeNas, can't get it to work on my Windows Machine. Can't just login.

Well, when I was reading tutorials and documentation it looks like I need to make several datasets with different permissions (Unix/Mac/Windows) and share them depending on the client operating system.
I hope I am wrong on this one, because I really want one dataset (and share) that both linux, mac and windows users can access, with cifs/smb. Is this possible?
I don't want to use Windows permissions because I have several linux machines that I want to access the share..

Thanks in advance.

 

[anodos]

Hi everyone!
I have read the documentation a little bit and are trying to get cifs/smb working on my FreeNas, can't get it to work on my Windows Machine. Can't just login.

Well, when I was reading tutorials and documentation it looks like I need to make several datasets with different permissions (Unix/Mac/Windows) and share them depending on the client operating system.

That's wrong. "Permissions type" is related to the file sharing protocol you're using. Unix = NFS. Windows = CIFS. Mac and Linux clients can - and should - connect to samba shares (CIFS) with permissions type set to "windows".

 

[widde]

That's wrong. "Permissions type" is related to the file sharing protocol you're using. Unix = NFS. Windows = CIFS. Mac and Linux clients can - and should - connect to samba shares (CIFS) with permissions type set to "windows".

Well, I don't get it. Are you saying that I can not share the same data with both NFS and Samba at the same time? Do I have to duplicate my data if I want a NFS and a Samba share?
This has worked perfectly fine on my synology and other setups for ages, why doesn't work on freenas?
When I set permission type to UNIX on a dataset I can set the permissions I want for user, group and other and I relly want to do that, but changing to Windows this is greyed out.. How do I change permissions after changing to Windows?

Why can't I use Unix permissions and just share a dataset with samba? Samba is a sharing protocol that transparently should share a directory across multiple platforms.. I really don't understand what FreeNas has done here.. Please enlighten me.. I don't say this is wrong, but it is not easy to understand even for a pro..

 

[anodos]

Well, I don't get it. Are you saying that I can not share the same data with both NFS and Samba at the same time?

There's a difference between "can" and "should". I have a post in my signature with some basic tips for how to minimize the pain of doing this. The problems of sharing the same dataset via NFS and Samba come from multiple angles:

• NFS does not understand samba locking semantics. The "kernel oplocks" parameter does not work in freebsd. Additionally, I believe some vendors such as synology have done some samba / kernel hacking to get this to work better (I believe I've seen smb.conf parameters on synology devices that do not exist in mainline samba). The mitigations that I've listed in my signature should be fine for a home user. I'm not sure how well they'll scale as you go from home user to enterprise users. With durable handles, SMB2 leases, etc, samba is becoming less likely to behave well with other methods of sharing files.
• Chmod has been known to treat explicit NFSv4 acls badly. The "Windows" permissions type disallows chmod operations for this reason.
• Samba is increasingly storing data in a manner that is not transparent to NFS clients (and other unix processes). See vfs_streams_xatt, vfs_fruit, storing DOS attributes as FS xattrs, etc.

This has worked perfectly fine on my synology and other setups for ages, why doesn't work on freenas?

See above.

When I set permission type to UNIX on a dataset I can set the permissions I want for user, group and other and I relly want to do that, but changing to Windows this is greyed out.. How do I change permissions after changing to Windows?

The security tab on Windows File Explorer is the best option. "smbcacls" is another option. For more information, see here: https://wiki.freenas.org/index.php/Methods_For_Fine-Tuning_Samba_Permissions Note: it's very much a work in progress.

Why can't I use Unix permissions and just share a dataset with samba?

You can. With some caveats. Note that this is considered an "unsupported" configuration.

Samba is a sharing protocol that transparently should share a directory across multiple platforms.

And it does work across any platforms. You can access samba from any samba / SMB client.

 

[widde]

If i Switch my shares to permission type "Windows" instead of Unix, how do I change permissions for that share? The unix permissions are greyed out now. In some way I have to set permissions on the shares..


EDIT: On my virtual freenas (just for test purpose) I got it working with unix permissions and cifs shares, I did exactly the same thing on my real freenas box, did not work. It may be workgroup/domain related, don't know yet. I have set a domain on my real box and on my virtual box it is named freenas.local..

Nope, did not work. Strange that I have the same setup on both boxes both the shares only work on one of them.

 

[anodos]

As I stated above, permissions are set through

If i Switch my shares to permission type "Windows" instead of Unix, how do I change permissions for that share?

https://forums.freenas.org/index.ph...-of-how-to-configure-share-permissions.35276/
https://www.youtube.com/watch?v=RxggaE935PM
https://www.youtube.com/watch?v=QhwOyLtArw0

 

[widde]

Ok, thanks for the information.
Well, I'm leaving FreeNas and will run a plain ubuntu server for my storage. FreeNas has too many drawbacks that I can't cope with. Only support ZFS, odd construction for permissions that I don't like.
For my needs a Ubuntu server with webmin vill do just fine. I can run plain ext4 on my discs, I have a backup server in another location so ZFS raidz1 or raidz2 is not neccessary for me. I also take backups
to bluray.

Thanks for your answers. Hope I will like FreeNas 10 better.