Preventing the wife from deleting everything

[James Mason]

Hi. I've read up as much as I can on this and I can't find an answer to this specific question. Quite simply, I am trying to create the following setup:

1 single dataset as the entire storage on this FreeNAS machine that 2 accounts can access
My account has full read/write/modify access to everything
My wife's account has read only access to everything, plus write/modify access to one folder, which is hers to do as she pleases

The idea here is that she isn't very techy so is quite likely to delete (or more likely move) some of our shared media or something whilst trying to access it, but she has her own folder which she can do whatever she wants with.

Would it be easier to give her her own dataset alongside the shared dataset or have a single dataset where she has read only access to a single folder within that single dataset?

Thanks in advance. I can't be the only one who requires this exact setup for this exact reason

 

[jgreco]

You can do anything from a simple permissions based solution all the way on up to an extravagant snapshot-based solution that has some additional "oops" benefits that also cover your own inadvertent errors.

The permissions thing will depend on what you're using (AFP, CIFS, NFS) but is generally straightforward.

Setting the NAS to do a weekly or monthly snapshot for an indefinite length of time is also not too hard to set up. The main downside is that if you're constantly adding and removing things (not just shuffling them around), the data will remain until the last snapshot that references it is gone.

 

[James Mason]

Thanks for the suggestion.

I like the idea of snapshots as a separate safeguard, but (unless I misunderstand) they won't help if a folder is accidentally moved into a different folder and I don't notice that it has happened because it's something I rarely use.

A permission based solution is what I'm looking for but as I'm very new to this I'm unsure of the direction to go in - whether to set up a separate dataset for her to use, or whether it would be better to (or even possible) to have a folder inside the shared dataset that she can have full read/write access to, with read only access to everything else?

If it matters, we both use Ubuntu on our machines but there is also a Windows machine that needs to access it, as well as a couple of Android devices.

 

[jgreco]

It isn't an either/or proposition. You can do snapshots *AND* permissions. For example, for the office fileserver here, I can roll back years and see what the contents were in June of 2014 if I want.

For permissions, it is dependent on what you're using (AFP, CIFS, NFS) because Windows in particular has a bunch of finicky options that it'd be better for someone else to explain (I'm not a Windows guy). For UNIXy stuff like AFP or NFS, it might not need to be more complicated than just setting UNIX permissions appropriately and then manually granting access in cases where you want to make exceptions.

Code:

chown -Rf user1:ourgroup /mnt/pool/user1
chown -Rf user2:ourgroup /mnt/pool/user2
chmod -Rf u=rwX,g=rX,o= /mnt/pool/user1 /mnt/pool/user2

is probably a reasonable start at a rational user permissions where you want only user1 and user2 to be able to read files, and each user to write their own files, but you can override as desired. CIFS may be completely different.

 

[anodos]

Regarding SMB and complex ACLS. You can do this from the CLI if you have already created a dataset /mnt/pool/smb_share, and if you have two groups (smb_admins, smb_users)

Code:

setfacl -m g:smb_admins:full_set:fd:allow,g:smb_users:rxaRc:fd:allow,owner@:full_set:fd:allow,group@::fd:allow,everyone@::fd:allow /mnt/pool/smb_share
mkdir /mnt/pool/smb_share/wifes_stuff
setfacl -m g:smbusers:modify_set:fd:allow /mnt/pool/smb_share/wifes_stuff

If you share out "smb_share", then members of smb_admins will be able to write everywhere and members of smb_users will have read access everywhere and write access to "wifes_stuff". The ACLs are configured to inherit so any newly created directory will have the ACL of the parent directory.

There is a caveat: if you choose to move (not copy) a directory from outside of "wifes_stuff" folder to inside wife_stuff, then smb_users will still only have read access to the directory (ACL is not re-written because we're just re-linking the directory).