How to set the user not allow to delete a file or folder in FreeNAS

[skyyxy]

Hi everybody here, I have a small problem and researched for longtime and no lucky, really hope somebody can help me. Thanks a advance!!!!
I have a FreeNAS server, ran afp and cifs share for mac osx/win and created 3 users for 3 peoples, the name called: master/cc1/cc2
The master is the share folder owner and cc1/cc2 both just normal users.
I want the cc1/cc2 both can't delete any file and any folder but can read and write or create the folder in share folder. And the master can do anything.
In FreeNAS share folder permission setting page I just saw the permission is: read write and execute and not options can limit the user to delete file or folder but it's very important for me.
Anybody can help me with it? Big thanks.

I tried to change the permission Type to Windows and set the permission as I want in Windows7 or 10 but its not works for me,I really don't know why.

 

[Artion]

Please post your server specs and FreeNAS version. Also describe the procedure you followed to create the datasets and shares.

Inviato dal mio YD201 utilizzando Tapatalk

 

[anodos]

Hi everybody here, I have a small problem and researched for longtime and no lucky, really hope somebody can help me. Thanks a advance!!!!
I have a freenas server, ran afp and cifs share for mac osx/win and created 3 users for 3 peoples, the name called: master/cc1/cc2
The master is the share folder owner and cc1/cc2 both just normal users.
I want the cc1/cc2 both can't delete any file and any folder but can read and write or creat the folder in share folder. And the master can do anything.
In freenas share folder permission setting page I just saw the permission is: read wirte and execute and not options can limit the user to delete file or folder but it's very important for me.
Anybody can help me with it? Big thanks.

I tried to change the permission Type to Windows and set the permission as I want in Windows7 or 10 but its not works for me,I really dont know why.

Watch this video for demonstration of how to set permissions. https://www.youtube.com/watch?v=RxggaE935PM
You may need to add an explicit "deny write" permission for the group in question through the windows File Explorer ACL editor because in the ZFS ACL world "modify" implies "delete".

 

[fracai]

I think you want to use the "sticky bit" on the folders that you want to protect.
Directories with sticky set will only allow the owning user to delete files from within.

> chmod +t

https://serverfault.com/questions/125320/chmod-to-prevent-deletion-of-file-directory

 

[anodos]

I think you want to use the "sticky bit" on the folders that you want to protect.
Directories with sticky set will only allow the owning user to delete files from within.

> chmod +t

https://serverfault.com/questions/125320/chmod-to-prevent-deletion-of-file-directory

I believe if you go this route, you will have to temporarily change the aclmode on the dataset to "passthrough" in order to allow chmod, then switch back to "restricted" afterwards.

Code:

zfs set aclmode=passthrough pool/dataset
<chmod>
zfs set aclmode=restricted pool/dataset

 

[cobrakiller58]

I just tested this using Windows 10 to set permission in FreeNAS 11u4 of a specific folder to allow read/write/execute but disallow delete and it worked correctly. My share is a windows share to begin with and I was using a android device to test changes to the permissions, no AD setup just users added via FreeNAS GUI.