Is there a way of restricting access to data for different users and different computers?
This is the situation I have:
I have two computers: PC1 and PC2. PC1 has two users: U1, U2. PC2 has another two users: U3 and U4. The structure is as follows:
/mnt/NAS/
    Common/
        U1/
        U2/
        U3/
        U4/
    U1/
    U2/
    U3/
    U4/
What I would like to have for U1 is full control over everything in /mnt/NAS as it'll be sort of an admin account other than root so it could manage data over network. For the remaining users I would like:
- full control of /mnt/NAS/U2, /mnt/NAS/Common/U2 and /mnt/NAS/Common/
- read only for other users' folders in /mnt/NAS/Common/U1, U3 and U4
- inaccessible (and not visible) directories: /mnt/NAS/U1, U3 and U4
Same pattern follows the remaining users: full control over their folders and Common, read only for other users' folders in /mnt/NAS/Common and inaccessible and invisible other folders in /mnt/NAS. In addition, any other computer should not be able to access, see and edit data stored on the NAS server.
Right now each user on each computer can see, access and edit all data in /mnt/NAS. So far, I have created four users on the NAS, so I have four home directories (not visible in FreeNAS -> Storage -> Active volumes), and created a dataset Common with sub-datasets for each user. There are five groups: U1, U2, U3, U4 and Common. Common includes every user while the rest include the respective users only.
How do I arrange the rights, ownership and IP allowance to achieve the desired effect?