peter boos
Dabbler
- Joined
- Sep 21, 2020
- Messages
- 35
We got a freenas environment, a typical getfacl . for a smb shared zfs folder looks alike :
(./somefolder)
Owner: Domain\Peter
Group: Domain\domaingroup
owner@:rwxpDdaARWcCos:fdi----:allow
group@:rwxpDdaARWcCos:fdi----:allow
We can fix files to comply with above group@ permissions by typing:
find . -type d -exec setfacl -m group@:full_set:df:allow {} \;
find . -type f -exec setfacl -m group@:full_set::allow {} \;
But that's not ideal because when a user creates a new file the workaround does not get triggered.
ea in the earlier folder if Lisa would create a file an if retrieve the file permissions I get :
File ./demo.txt
Owner: Domain\Lisa
group: Domain\domaingroup
owner@:rw-p--aARWcCos:-----allow
group@:r-----a-R-c--s:-----allow
I would like that that group@ would read the same ea group@:rwxpDdaARWcCos:fdi----:allow
I have no idea why this doesn't happen.
Does it have to do with aclinherit, aclmode, or some smb.conf setting in freenas or am i missing something else here ?
Is it possible so that windows users connecting to the smb share upon file creation use group@ of the folder for added files.
(./somefolder)
Owner: Domain\Peter
Group: Domain\domaingroup
owner@:rwxpDdaARWcCos:fdi----:allow
group@:rwxpDdaARWcCos:fdi----:allow
We can fix files to comply with above group@ permissions by typing:
find . -type d -exec setfacl -m group@:full_set:df:allow {} \;
find . -type f -exec setfacl -m group@:full_set::allow {} \;
But that's not ideal because when a user creates a new file the workaround does not get triggered.
ea in the earlier folder if Lisa would create a file an if retrieve the file permissions I get :
File ./demo.txt
Owner: Domain\Lisa
group: Domain\domaingroup
owner@:rw-p--aARWcCos:-----allow
group@:r-----a-R-c--s:-----allow
I would like that that group@ would read the same ea group@:rwxpDdaARWcCos:fdi----:allow
I have no idea why this doesn't happen.
Does it have to do with aclinherit, aclmode, or some smb.conf setting in freenas or am i missing something else here ?
Is it possible so that windows users connecting to the smb share upon file creation use group@ of the folder for added files.