cannfoddr
Dabbler
- Joined
- Nov 28, 2021
- Messages
- 12
I am new to TrueNAS and Scale and to some extent ACLs on UNIX - I do have a security background so not a total novice.
I have a Dataset /POOL1/Media/Movies which I originally set up with owner and group set to my id xxx. I setup ACLs to allow access and everything was working as expected and I was able to rsync a whole bunch of files from my Synology NAS into the shared Directory.
I then realised that the Plex App was sort of expecting the files to be owned by root:root. I played around with permissions and was able to get access working. Further reading around btruecharts suggests that root:root is still the preferred ownership model.
I decided to start again with permissions and removed the ACLs and recreated them as follows:
My intention here is that user <me> and group <media> has access to the data. I want to update all the existing files so I ticked:
I click Save and everything seems OK.
If I mount the share I can create files and directories but I have no permissions to navigate the existing directory tree or see any files
I logged into the shell to check ACLs:
The root Movies has my ACL entries but the subdirectory has not inherited the ACLs as I expected.
I just experiments using setfacl and can change the acl on gateway_1 to be what I want:
I guess I could add the -R flag to recurse all files but this seems like a kludge
What am I missing? How do I get my ACL changes to propagate to existing files using the UI?
I have a Dataset /POOL1/Media/Movies which I originally set up with owner and group set to my id xxx. I setup ACLs to allow access and everything was working as expected and I was able to rsync a whole bunch of files from my Synology NAS into the shared Directory.
I then realised that the Plex App was sort of expecting the files to be owned by root:root. I played around with permissions and was able to get access working. Further reading around btruecharts suggests that root:root is still the preferred ownership model.
I decided to start again with permissions and removed the ACLs and recreated them as follows:
My intention here is that user <me> and group <media> has access to the data. I want to update all the existing files so I ticked:
I click Save and everything seems OK.
If I mount the share I can create files and directories but I have no permissions to navigate the existing directory tree or see any files
I logged into the shell to check ACLs:
Code:
[sudo] password for adrian: root@truenas[/]# cd /mnt/POOL1/Media root@truenas[/mnt/POOL1/Media]# getfacl Movies # file: Movies # owner: root # group: root user::rwx user:adrian:rwx group::rwx group:media:rwx mask::rwx other::--- default:user::rwx default:group::rwx default:other::--- root@truenas[/mnt/POOL1/Media]# cd Movies root@truenas[/mnt/POOL1/Media/Movies]# getfacl gateway_1 # file: gateway_1 # owner: root # group: root user::rwx group::rwx other::--- default:user::rwx default:group::rwx default:other::--- root@truenas[/mnt/POOL1/Media/Movies]#
The root Movies has my ACL entries but the subdirectory has not inherited the ACLs as I expected.
I just experiments using setfacl and can change the acl on gateway_1 to be what I want:
Code:
root@truenas[/mnt/POOL1/Media/Movies]# setfacl -m u:adrian:rwx gateway_1 root@truenas[/mnt/POOL1/Media/Movies]# getfacl gateway_1 # file: gateway_1 # owner: root # group: root user::rwx user:adrian:rwx group::rwx mask::rwx other::--- default:user::rwx default:group::rwx default:other::--- root@truenas[/mnt/POOL1/Media/Movies]# setfacl -m g:media:rwx gateway_1 root@truenas[/mnt/POOL1/Media/Movies]# getfacl gateway_1 # file: gateway_1 # owner: root # group: root user::rwx user:adrian:rwx group::rwx group:media:rwx mask::rwx other::--- default:user::rwx default:group::rwx default:other::---
I guess I could add the -R flag to recurse all files but this seems like a kludge
What am I missing? How do I get my ACL changes to propagate to existing files using the UI?