johndanoob
Cadet
- Joined
- Feb 20, 2023
- Messages
- 4
Hello all. I am trying to configure a NAS for multiple users via Tailscale with the following nested dataset [permissions] structure:
NAS POOL (4x 12TB HDD RAIDZ1)
-NAS_SHARED
-SHARED [ShareAdmin, J5, J4]
-J5 [ShareAdmin, J5]
-J4 [ShareAdmin, J4]
-JM [ShareAdmin, JM]
-Media Library [ShareAdmin, ShareMedia]
VM/APPS POOL (2TB NVME)
-ix-applications (Tailscale)
-Windows 11 VM w/ GPU passthrough (haven't figured this out yet)
(another 2TB NVME I don't know what to do with)
I want the permissions to be set via Filesystem ACL. I am struggling to understand how to set the user/group settings and ACL's to achieve this. From my research I've seen many different ways of setting this up and don't know what way is best or up to date with the latest changes to the ACL menu.
I've also run into an issue with my current attempt, where if I try to create a nested dataset under the NAS_SHARED dataset, I get a permissions error unless I give permissions to "builtin_users" in the NAS_SHARED ACL as shown in the attached screenshot. I don't want all users to have write access to the top level NAS_SHARED dataset, or be able to delete child datasets, so this error seems to defeat the whole purpose of the ACL. Maybe I just remove the NAS_SHARED altogether and make independent SMB shares for each dataset?
Obviously my ACL is not configured correctly, but I don't know what to change. I don't know whether to leave owner and group set to root or to change those to a user/group. I also don't know whether to create a separate SMB for each dataset or just share the NAS_SHARED dataset via SMB. Any help would be greatly appreciated.
NAS POOL (4x 12TB HDD RAIDZ1)
-NAS_SHARED
-SHARED [ShareAdmin, J5, J4]
-J5 [ShareAdmin, J5]
-J4 [ShareAdmin, J4]
-JM [ShareAdmin, JM]
-Media Library [ShareAdmin, ShareMedia]
VM/APPS POOL (2TB NVME)
-ix-applications (Tailscale)
-Windows 11 VM w/ GPU passthrough (haven't figured this out yet)
(another 2TB NVME I don't know what to do with)
I want the permissions to be set via Filesystem ACL. I am struggling to understand how to set the user/group settings and ACL's to achieve this. From my research I've seen many different ways of setting this up and don't know what way is best or up to date with the latest changes to the ACL menu.
I've also run into an issue with my current attempt, where if I try to create a nested dataset under the NAS_SHARED dataset, I get a permissions error unless I give permissions to "builtin_users" in the NAS_SHARED ACL as shown in the attached screenshot. I don't want all users to have write access to the top level NAS_SHARED dataset, or be able to delete child datasets, so this error seems to defeat the whole purpose of the ACL. Maybe I just remove the NAS_SHARED altogether and make independent SMB shares for each dataset?
Obviously my ACL is not configured correctly, but I don't know what to change. I don't know whether to leave owner and group set to root or to change those to a user/group. I also don't know whether to create a separate SMB for each dataset or just share the NAS_SHARED dataset via SMB. Any help would be greatly appreciated.
