francisaugusto
Contributor
- Joined
- Nov 16, 2018
- Messages
- 153
Hi,
I have a scanner that can upload files to smb servers. My idea is to have a folder structure on TrueNAS resembling this:
The idea is that files uploaded to the folders could only be readable by the respective user, but a user called `scanner` should be able to write (but not read) to all folders.
The folders have writeable permissions for a group called `scan`, where the scanner user, and all the other users, are members. That's how the `scanner` user can write to th folders, but not read them.
I managed to do this using `nfs4_setfacl -e` to each folder, but if I don't set any inheritance permissions (ie., I leave it like it is). the new files are owned by the `scanner` user and not readable by anyone else. When I set `fd-----I`, then the are readable by everyone, including others.
Is there a way to make these files only readable by the group and/or the folder owner?
I found it pretty confusing because when I read the `nfs4_setfacl` manual, the permission options seem to differ from those available. For example, `t` and `T` do not seem available to be used.
And what's the sintaxe to add another single user to the folder's ACL using `nfs4-setfacl -e`?
Best,
Francis
I have a scanner that can upload files to smb servers. My idea is to have a folder structure on TrueNAS resembling this:
scans
|_ usera
|_ userb
|_ allusers
The idea is that files uploaded to the folders could only be readable by the respective user, but a user called `scanner` should be able to write (but not read) to all folders.
The folders have writeable permissions for a group called `scan`, where the scanner user, and all the other users, are members. That's how the `scanner` user can write to th folders, but not read them.
I managed to do this using `nfs4_setfacl -e` to each folder, but if I don't set any inheritance permissions (ie., I leave it like it is). the new files are owned by the `scanner` user and not readable by anyone else. When I set `fd-----I`, then the are readable by everyone, including others.
Is there a way to make these files only readable by the group and/or the folder owner?
I found it pretty confusing because when I read the `nfs4_setfacl` manual, the permission options seem to differ from those available. For example, `t` and `T` do not seem available to be used.
And what's the sintaxe to add another single user to the folder's ACL using `nfs4-setfacl -e`?
Best,
Francis