default file/directory permissions changed after upgrading to TrueNAS Scale from Core

[jdratlif]

I am sharing a directory under my main dataset with SMB for Windows and NFS for linux.

I was running TrueNAS Core 12 U8, and upgraded to TrueNAS Scale 22.02 Release yesterday. When I create files on my NFS share now, they get file permissions of 666 and directory permissions of 777. My umask has not changed, it's still 0022.

This always happened with SMB shares.

How can I get my default file creation on NFS shares to respect my umask and not be world writable?

I have no ACLs. To be sure, I ran setfacl -b -k -R /mnt/tank.

Thanks.

 

[RandomPrecision]

Bump... did you ever find a solution for this?

I was having the exact same issue. I'm sharing a dataset via both SMB and NFS, as my user home directory (for both Windows and Linux, respectively). Everything appears to work, except, like you, umask was being ignored, and all new files were being created with 666 or 777 permissions. I wanted the "other" default to be no permissions.

I'm not sure if you can get away without having ACLs. All the web searching I did on the topic seems to suggest that ACLs are necessary in this scenario. If there is a way to accomplish our goal without ACLs, I'd like to know.

In the meantime, I have at least fixed this for my Linux-NFS share (I'm at work now, can't test my Windows-SMB share). I did the following in the ACL editor for my home directory dataset: I checked the "Apply permissions recursively" box, then "Use Preset", then selected the "NFS4_HOME" preset, and finally "Save Access Control List".

Edit: I take that back, I don't think that was the right thing to do. Now all files in this folder have user-execute permission. The permissions for "other" are indeed gone.