SMB Share Execute Permission not inherited

[Richard25000]

I am struggling with an issue related to execute permissions on exe files I place on an SMB share not inheriting the execute permissions from the parent directory.

I have an SMB share with advanced ACL applied and the permissions show correct for the software folder > software name subfolder. Permissions are set that the owner and group have full control and it is inherited down the tree.

But when copying an executable file to the share it is not executable as permissions are not inherited. If I go into the Truenas web interface and simply click apply on the ACL and replace on child objects from the top of the dataset all the correct permissions apply and the executable file is executable.

Why is inheritance being broken at the exe file, is this a setting on Truenas or is this something Windows is doing. Having to hit apply every time I store programs in this share isn't ideal.

What I find more strange is that plex seems to get inherited with the execute permission but the owner and group does not.

root@nas[...DPool/Shared/Software/CrystalDiskMark]# getfacl . # file: . # owner: Richard # group: family owner@:rwxpDdaARWcCos:fd----I:allow group@:rwxpDdaARWcCos:fd----I:allow user:plex:r-x---a-R-c---:fd----I:allow everyone@:--------------:fd----I:allow root@nas[...DPool/Shared/Software/CrystalDiskMark]# getfacl CrystalDiskMark8_0_4.exe # file: CrystalDiskMark8_0_4.exe # owner: Richard # group: family user:plex:r-x---a-R-c---:------I:allow owner@:rw-p--aARWcCos:-------:allow group@:rw-p--a-R-c--s:-------:allow everyone@:------a-R-c--s:-------:allow

 

[Richard25000]

Additional - I've reset it to owner to root:wheel and explicitly added the family group separately to the ACL with full control which now inherits fine.

But I do not understand why this is how the system works. Is this how I should be doing it? Should everything just be owned by root:wheel and explicitly add user and groups to the ACL rather than changing the ownership?

 

[Richard25000]

root@nas[...DPool/Shared/Software/CrystalDiskMark]# getfacl . # file: . # owner: root # group: wheel owner@:rwxpDdaARWcCos:fd----I:allow group@:rwxpDdaARWcCos:fd----I:allow user:plex:r-x---a-R-c---:fd----I:allow group:family:rwxpDdaARWcCos:fd----I:allow everyone@:--------------:fd----I:allow root@nas[...DPool/Shared/Software/CrystalDiskMark]# getfacl CrystalDiskMark8_0_4.exe # file: CrystalDiskMark8_0_4.exe # owner: richard # group: wheel user:plex:r-x---a-R-c---:------I:allow group:family:rwxpDdaARWcCos:------I:allow owner@:rw-p--aARWcCos:-------:allow group@:r-----a-R-c--s:-------:allow everyone@:r-----a-R-c--s:-------:allow

 

[anodos]

process / client is probable performing chmod to alter mode of file. If you created dataset with our SMB preset it sets aclmode to "restricted" which prevents this from happening (chmod(2) instead fails).

 

[anodos]

owner@, group@, everyone@ entries may also be altered by umask. This is normal unix stuff. If you're managing mixed local / SMB access the easiest thing to do to ensure that a particular group has rights is to do what you did with plex entry. Grant everything you need there.