files and folders not visible on smb share despite identical permissions and ACLs

[bhavik]

Hi,

I am observing a strange problem. For one of the dataset (/mnt/Pool1/shows) and SMB share on my storage, I am observing "showA/folderA" is not visible on SMB share. However, with the exact same permissions and ACLs "showB/folderB" is visible on the SMB share.

While I change the owner of "showA/folderA" to some other user (who's part of the group) then the folders and files are visible, accessible, and modifiable on the SMB share. Any thoughts as to what might be causing this behaviour and if I need to share any other information for resolving this problem?


getfacl /mnt/Pool1/shows/showA/folderA /mnt/Pool1/shows/showB/folderB

Code:

# file: /mnt/Pool1/shows/showA/folderA
# owner: root
# group: showA
            owner@:rwxpDdaARWcCos:fd----I:allow
            group@:rwxpDdaARWc--s:fd----I:allow
         everyone@:--------------:fd----I:allow

# file: /mnt/Pool1/shows/showB/folderB
# owner: root
# group: pipeline
            owner@:rwxpDdaARWcCos:fd----I:allow
            group@:rwxpDdaARWc--s:fd----I:allow
         everyone@:--------------:fd----I:allow

getfacl -v /mnt/Pool1/shows/showA/folderA /mnt/Pool1/shows/showB/folderB

Code:

# file: /mnt/Pool1/shows/showA/folderA
# owner: root
# group: showA
            owner@:read_data/write_data/execute/append_data/delete_child/delete/read_attributes/write_attributes/read_xattr/write_xattr/read_acl/write_acl/write_owner/synchronize:file_inherit/dir_inherit/inherited:allow
            group@:read_data/write_data/execute/append_data/delete_child/delete/read_attributes/write_attributes/read_xattr/write_xattr/read_acl/synchronize:file_inherit/dir_inherit/inherited:allow
         everyone@::file_inherit/dir_inherit/inherited:allow

# file: /mnt/Pool1/shows/showB/folderB
# owner: root
# group: pipeline
            owner@:read_data/write_data/execute/append_data/delete_child/delete/read_attributes/write_attributes/read_xattr/write_xattr/read_acl/write_acl/write_owner/synchronize:file_inherit/dir_inherit/inherited:allow
            group@:read_data/write_data/execute/append_data/delete_child/delete/read_attributes/write_attributes/read_xattr/write_xattr/read_acl/synchronize:file_inherit/dir_inherit/inherited:allow
         everyone@::file_inherit/dir_inherit/inherited:allow

Platform:
FreeBSD 12.2-RELEASE-p6
FreeBSD fpfs001.local 12.2-RELEASE-p6 FreeBSD 12.2-RELEASE-p6 facd5d71c97(HEAD) TRUENAS amd64

Thanks,
Bhavik

 

[anodos]

Unix tokens are generated during SMB tree connect. If you're changing out group memberships under an existing SMB session, try restarting the SMB service. Otherwise, things aren't identical, group@ points to a different group.

 

[anodos]

What version of TrueNAS is this? There was an early-ish version of 12 where permissions handling for group@ was wrong.

 

[sretalla]

Are those "folders" or are they datasets?

 

[bhavik]

@anodos
Thank you for your notes, It is TrueNAS-12.0-U3.1.

I tried restarting the SMB service (from web UI, per attached screenshot) but that did not help and the client end SMB share info seems the same. FYI, I have also deleted "net use /del *" and then try reconnecting.


@sretalla
Those are the folders. The dataset is "/mnt/Pool1/shows".