SMB folder with read/write and w/o modify/delete permissions

r51

Hello,

could anyone help me to set an ACL for a write-only folder, please? Use case: I have an application that produces a backup (a folder with files) every day, and I would like to dedicate one folder for backups where the application can save these backups but cannot modify existing files/folders that it created in the past.

I created a dedicated user for backup upload, created a folder, removed the inherited existing permissions and added write permissions for the user to the folder. This does not work as requested because the owner of files has full access in the default FreeNAS settings (CREATOR OWNER has full access), so it can also remove previously created files.

I tried the same (w/o file read permission) on Windows Server shares and it works fine w/o CREATOR OWNER defined - I only set 'Write' + 'List Folder Content' for the user.

Current folder permissions on the FreeNAS server - I am trying to set up read/write allowed, modify/delete denied:

User
This Folder
[X] Traverse Folder/Execute File
[X] List Folder/Read Data
[X] Read Attributes
[X] Read Extended Attributes
[X] Create Files/Write Data
[X] Create Folders/Append Data
[X] Write Attributes
[X] Write Extended Attributes
[ ] Delete Subfolders and Files
[ ] Delete
[X] Read Permissions
[ ] Change Permissions
[ ] Take Ownership

CREATOR OWNER
Subfolders
[X] Traverse Folder/Execute File
[X] List Folder/Read Data
[X] Read Attributes
[X] Read Extended Attributes
[X] Create Files/Write Data
[X] Create Folders/Append Data
[X] Write Attributes
[X] Write Extended Attributes
[ ] Delete Subfolders and Files
[ ] Delete
[X] Read Permissions
[ ] Change Permissions
[ ] Take Ownership

CREATOR OWNER
Files
[X] Traverse Folder/Execute File
[X] List Folder/Read Data
[X] Read Attributes
[X] Read Extended Attributes
[X] Create Files/Write Data
[ ] Create Folders/Append Data
[ ] Write Attributes
[ ] Write Extended Attributes
[ ] Delete Subfolders and Files
[ ] Delete
[X] Read Permissions
[ ] Change Permissions
[ ] Take Ownership

Everything works fine, but the user can delete files and folders because CREATOR OWNER has 'Delete Subfolders and Files' enabled. When I delete it, save and check, it is still enabled; I cannot disable it when 'Create Files/Write Data' is enabled.

Any ideas how to set up permissions to allow only write + read and nothing else (no modify/delete)?

Thanks!
 