Help with Permissions

[freddymcwilliam]

Hey guys,

I have a question about permissions on FreeNAS. I'm very amature with permissions and groups, as you will tell, so thank-you for your help.

My set up:
- I have a pool with a dataset on it
- I share the dataset via NFS
- My NAS has 2 users: freddy and mary who connect to the datasets via NFS (from linux and mac respectively)
- Both those users are in a group called "residents" (ie people who live in my house)
- I also have various visitors who connect to my network from time to time using their own device

My question is, does this work:
- Set the owner of the dataset to "nobody"
- Set the group of the dataset to "residence"
- Map root (in the NFS settings) to "nobody" (as a security measure, to prevent people connecting as root)
- Set the owner to have no access at all, groups (ie freddy and mary) to have full access, and everyone else (would be the visitors) to have read only access.

When mary connects via NFS and addes a file, will she own it? Will freddy be able to see and edit it? Does it matter that the owner of the dataset is "nobody" and yet the owner is granted no access at all?

 

[Glorious1]

I'm not quite sure what you're trying to accomplish, but I tested this and seems to work, at least in my environment.

As suggested in the User Guide , create a dataset owned by user:group nobody:nobody. Check all permissions. Create a share to it.

When a user creates a file or copies one to there, it will be owned by <that user>:nobody. A file created there will have write permission for the owner only, read for everyone. So freddy's files should be readable but not editable by Mary.

If a user copies a file to that share, it will have whatever permissions it had before. So any desired permissions could be applied before copying.