Thanks, AndroGen. I changed the structure of my datasets to avoid nested datasets.
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Newbie struggling to get permissions and ACL configured
- Thread starter James
- Start date
- Joined
- May 19, 2017
- Messages
- 1,829
Nested data sets (at least if I understand you correctly) do have their place. For example, let’s say you want to have a multi-user repository for TimeMachine backups yet the convenience of being able to back them up in one go. Well, a nested data set makes that possible - each user gets a share consisting of a sub directory within a top level share that is only accessible to the admin.
With access based enumeration, encryption, and no browsable TimeMachine shares (once they have been set up), there is also minimal risk with folk being able to mess each other’s shares up. But in this example, there is only one user conducting top-level backups.
Yet there always is the risk that any time machine activity during the backup will toast the integrity of said backup. So ideally, restrict the time machine backups to a window when the top level is not backing up. That way, everything can coexist peacefully.
With access based enumeration, encryption, and no browsable TimeMachine shares (once they have been set up), there is also minimal risk with folk being able to mess each other’s shares up. But in this example, there is only one user conducting top-level backups.
Yet there always is the risk that any time machine activity during the backup will toast the integrity of said backup. So ideally, restrict the time machine backups to a window when the top level is not backing up. That way, everything can coexist peacefully.
AndroGen
Dabbler
- Joined
- Jan 19, 2019
- Messages
- 47
My understanding from further exploration of this topic: Nested datasets can be used, but only lowest level can be used for SMB share. if the upper node is used for SMB - all sorts of funky things start happening.
Still, I might be wrong, this is my conclusion based on the read posts here and on other sites in the internet.
- Joined
- May 19, 2017
- Messages
- 1,829
Oplocks and the like should minimize issues. However, it is never a good idea to rely on the NAS to ensure that the file is going to stay happy. Issues with sharing files via OneDrive continue to drive me to distraction.
Hence my suggestion to limit access to said files by planning on when each user will be accessing/modifying them. In extreme cases, simply make the lower-level shares unavailable during top-level backups and re-enable them post-backup. Or use a different technology like sending ZFS snapshots rather than relying on rsync running on top of SMB, for example. Frequent snapshots may be a band-aid here.
However, I prefer setting time / access limits on Time Machine and like programs when setting them up on a individual machine to ensure that they complete their task outside the windows for snapshots and like backup programs. A backup that completed 99% is not very helpful if a resulting restore gets corrupted by the missing 1%.
Hence my suggestion to limit access to said files by planning on when each user will be accessing/modifying them. In extreme cases, simply make the lower-level shares unavailable during top-level backups and re-enable them post-backup. Or use a different technology like sending ZFS snapshots rather than relying on rsync running on top of SMB, for example. Frequent snapshots may be a band-aid here.
However, I prefer setting time / access limits on Time Machine and like programs when setting them up on a individual machine to ensure that they complete their task outside the windows for snapshots and like backup programs. A backup that completed 99% is not very helpful if a resulting restore gets corrupted by the missing 1%.
Last edited:
Similar threads
