security

[Vamp]

Hi to all

I am new to freenas so please forgive me if this has all ready been asked.
I wont to build a Nas system that I can use for films & music and I would like to do it so as my family can upload and download from the system but I need to fined out how to make it so as I am the only one that can delete from the system.

Thank you for the help
Vamp

 

[Inxsible]

Hi to all

I am new to freenas so please forgive me if this has all ready been asked.
I wont to build a Nas system that I can use for films & music and I would like to do it so as my family can upload and download from the system but I need to fined out how to make it so as I am the only one that can delete from the system.

Thank you for the help
Vamp

Look into permissions. If you set the correct permissions on your dataset, you can achieve what you want.

 

[Vamp]

Look into permissions. If you set the correct permissions on your dataset, you can achieve what you want.

Thanks for that but I have not yet built the system yet I am just doing some research be for I build. So if I read you right I would have to set the read wright permissions on each user.?

 

[Inxsible]

Thanks for that but I have not yet built the system yet I am just doing some research be for I build. So if I read you right I would have to set the read wright permissions on each user.?

no. you'd have to set the correct permissions on each dataset or folder

 

[Vamp]

no. you'd have to set the correct permissions on each dataset or folder

I C I've got you, so I will need to set each file read wright permissions Thank you for that. Could you not do the same thing for each user e.g I am admin so I can do what I wont but you as a Guest can up/download watch or listen but can not delete anything.? On some of the installs of Nas that I have seen I am sure that's possible.

 

[Inxsible]

I C I've got you, so I will need to set each file read wright permissions Thank you for that. Could you not do the same thing for each user e.g I am admin so I can do what I wont but you as a Guest can up/download watch or listen but can not delete anything.? On some of the installs of Nas I am sure that's possible.

I was talking about basic Unix permissions and you don't have to do it on each file, although you can get that fine grained, if you really wanted.

What you are talking about is Roles and authorization. That can be achieved via LDAP or Active Directory, but I doubt you'd have that in most home based FreeNAS installations. But if you have one of those options then, sure, you can set up roles and authorizations in any way you want.

 

[anodos]

With ZFS ACLs, write implies delete. You're asking about making a share that is WORM. There's actually a Samba VFS module for this "vfs_worm". You will need to create two shares
1) Your "full control" share. Access controlled by the "Share ACL" (you can manipulate via sharesec CLI utility)
2) Your family's share with VFS_worm enabled.

Both samba shares point to the same underlying ZFS dataset. Sorry that I can't go more into detail here, but that should at least get you started. ;)