Hello all,
I wanted to summarize some tips for those that may have tried following the craft computing tutorial. First of all it was great and it really helped me ramp up my understanding on how to setup permissions for Truenas.
Here are the links for convenience:
www.youtube.com
www.youtube.com
So overall I did follow the guide but later realized there was a missed/skipped step that might have taken place separately without a mention of it in the 2nd video. Or I am just having issues without full understanding of the system.
Again, this is for those that followed the guide but had issues like me, since I was not that familiar with how permissions worked.
Setting up the pool was pretty straight forward in the 1st video so that worked.
When following video 2 that is where I started to have problems. After he sets up his dataset and starts changing the owner and group of the path from root and wheel to anything else. In my case, I changed the user from root to dirfiler and group wheel to sharegroup and gave both full control, I could not login as dirfiler and any group member in sharegroup could not log in either. But if I reverted to user root and group wheel, it was working without issues.
After trying different user and group variations with differing levels of permissions, I decided to rewatch the videos to check if I missed anything. In the first video I saw that the pool path permissions where chmod [ed] to chmod 770 /mnt/nameofpool. This change gives the user owner of the directory full control and also the group of the directory full control and left others without any permissions. This seems reasonable but as I was reading the permissions doc more closely I noticed something that made sense why my changes although reflected in the terminal and in the gui were not actually working as expected. If you read here: https://www.truenas.com/docs/core/storage/pools/permissions/
it says right below the first image "Dataset Path shows the full pathway to this dataset. This is set when the dataset is created and cannot be changed. " And in the image you see that the original owner is root and the original group is wheel, so since this cannot be changed then it is safe to assume that permissions in access mode needs to be given to others section if you wish to add an additional group(s) or user(s) to have access to the dataset or if you want to change the owner and group of the dataset path.
My intention was to remove root owner and wheel group as original owners to the dataset and replace it with my own user and group/s. But it turns out, at least to my understanding of the documentation and the tutorial, that, that is not the case. If you want to give other groups other than wheel, you have to make modifications to the dataset path and at least in my case use chmod 777 /mnt/pool/dataset.
And I think that is what was missed in the second video, I think, I could be wrong but perhaps behind the scenes, permissions were given to others which enabled the modification of owner and groups. Or maybe I my fix was just a lucky guess.
Anyway, if anyone has the same issue, you can try what I did. I hope I was clear but I am sure I am overlooking something and it can be pointed out.
FYI:
Platform: Generic
Version:
TrueNAS-12.0-U5.1
Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
RAIDZ2
Best of luck!
I wanted to summarize some tips for those that may have tried following the craft computing tutorial. First of all it was great and it really helped me ramp up my understanding on how to setup permissions for Truenas.
Here are the links for convenience:
TrueNAS CORE 12.0 Install Tutorial
This video tutorial should be all you need to get your first install of TrueNAS Core up and running. I'll take you through creating a USB Install disk, Insta...
www.youtube.com
TrueNAS CORE 12.0 Tutorial - Datasets, Permissions, Snapshots
This tutorial is all about User Permissions, ACLs, Datasets and Snapshots for TrueNAS Core 12.0 ( formerly FreeNAS ). If you're wondering how to set these up...
www.youtube.com
So overall I did follow the guide but later realized there was a missed/skipped step that might have taken place separately without a mention of it in the 2nd video. Or I am just having issues without full understanding of the system.
Again, this is for those that followed the guide but had issues like me, since I was not that familiar with how permissions worked.
Setting up the pool was pretty straight forward in the 1st video so that worked.
When following video 2 that is where I started to have problems. After he sets up his dataset and starts changing the owner and group of the path from root and wheel to anything else. In my case, I changed the user from root to dirfiler and group wheel to sharegroup and gave both full control, I could not login as dirfiler and any group member in sharegroup could not log in either. But if I reverted to user root and group wheel, it was working without issues.
After trying different user and group variations with differing levels of permissions, I decided to rewatch the videos to check if I missed anything. In the first video I saw that the pool path permissions where chmod [ed] to chmod 770 /mnt/nameofpool. This change gives the user owner of the directory full control and also the group of the directory full control and left others without any permissions. This seems reasonable but as I was reading the permissions doc more closely I noticed something that made sense why my changes although reflected in the terminal and in the gui were not actually working as expected. If you read here: https://www.truenas.com/docs/core/storage/pools/permissions/
it says right below the first image "Dataset Path shows the full pathway to this dataset. This is set when the dataset is created and cannot be changed. " And in the image you see that the original owner is root and the original group is wheel, so since this cannot be changed then it is safe to assume that permissions in access mode needs to be given to others section if you wish to add an additional group(s) or user(s) to have access to the dataset or if you want to change the owner and group of the dataset path.
My intention was to remove root owner and wheel group as original owners to the dataset and replace it with my own user and group/s. But it turns out, at least to my understanding of the documentation and the tutorial, that, that is not the case. If you want to give other groups other than wheel, you have to make modifications to the dataset path and at least in my case use chmod 777 /mnt/pool/dataset.
And I think that is what was missed in the second video, I think, I could be wrong but perhaps behind the scenes, permissions were given to others which enabled the modification of owner and groups. Or maybe I my fix was just a lucky guess.
Anyway, if anyone has the same issue, you can try what I did. I hope I was clear but I am sure I am overlooking something and it can be pointed out.
FYI:
Platform: Generic
Version:
TrueNAS-12.0-U5.1
Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
RAIDZ2
Best of luck!
