Protection issues

[David Dyer-Bennet]

I created a "local" dataset in my new pool as a location for home directories of local users (so they could have public keys). I created a user. And I now find I'm unable to change the protection of pretty much anything in any way; I can't do it as the user and I can't do it as root, and it looks like the default ACL that got set up should be allowing me.

So, what's up with the protection, and is there some automated way to create local home directories that doesn't hit this problem? I have, historically, had *very* bad relationships with ACL schemes.

Here's me demonstrating how things are protected, and showing failure to change protections:

Code:

                                                       
[ddb@zzbackup ~]$ ls -al                                                       
total 3                                                                        
drwxrwxr-x+ 3 ddb   wheel  3 Dec  7 03:02 .                                    
drwxrwxr-x+ 3 root  wheel  4 Dec  7 03:01 ..                                   
drwxrwxr-x+ 2 ddb   ddb    3 Dec  7 03:02 .ssh                                 
[ddb@zzbackup ~]$ id                                                           
uid=1001(ddb) gid=1001(ddb) groups=1001(ddb),0(wheel)                          
[ddb@zzbackup ~]$ chmod g-w .ssh                                               
chmod: .ssh: Operation not permitted                                           
[ddb@zzbackup ~]$ chmod 775 .ssh                                               
chmod: .ssh: Operation not permitted                                           
[ddb@zzbackup ~]$ exit                                                         
exit                                                                           
[root@zzbackup /mnt/zzback/local/ddb]# id                                      
uid=0(root) gid=0(wheel) groups=0(wheel)                                       
[root@zzbackup /mnt/zzback/local/ddb]# chmod 755 .ssh                          
chmod: .ssh: Operation not permitted                                           
[root@zzbackup /mnt/zzback/local/ddb]# getfacl .ssh                            
# file: .ssh                                                                   
# owner: ddb                                                                   
# group: ddb                                                                   
            owner@:rwxpDdaARWcCos:fd----:allow                                 
            group@:rwxpDdaARWcCos:fd----:allow                                 
         everyone@:r-x---a-R-c---:fd----:allow                                 
[root@zzbackup /mnt/zzback/local/ddb]# ^C                                      
[root@zzbackup /mnt/zzback/local/ddb]#                                         
                                                      

 

[dlavigne]

What type of dataset did you create (Share Type)?

 

[SweetAndLow]

You are most likely using Windows dataset permissions and should be making these modifications through the windows security GUI.

 

[David Dyer-Bennet]

Share is windows (SMB). The main purpose of the dataset, though, is local home directory for users (me) on the FreeNAS box.

 

[SweetAndLow]

if you want to just use the dataset for local user access via ssh or ftp then you might want to make it a unix dataset. Or you can learn how to use getfacl and setfacl to configure your permission correctly via the CLI.