Hello everyone,
I'm having trouble to correctly set up permissions on SMB shares also used, on host, by Syncthing.
I read the documentation, I watched the two videos by m0nkey and searched on the forum. But I cannot wrap my mind about how to set permissions to get everything working. Syncthing is installed (as a plugin) in a jail running is a special user mapped as user syncthing on host and Syncthing folder are set to ignore permissions.
What I want
My situation is the following:
- 2 users: user1, user2
- 3 smb shares: share1, share2, shared
- I want share1 and share2 to be private to user1 and user2 respectively. Shared to be shared between the two
- I want user syncthing to have full access over all these datasets
What I've done
If I had only to deal with posix clients, I think would be able to set everything correctly using appropriate groups and setgid flag on folders. The problem arise when using ACLs.
Following m0nkey's videos, I created 3 groups: user1group, user2group and users. userx is in userxgroup and also in users. syncthing user is in all groups.
Then I set all datasets with Windows permission, owner nobody and owner group user1group, user2group and users respectively.
Then, via a Windows 10 terminal, I verified that smb permissions for user1 and user2 were ok.
The problem
But Syncthing now says permission denied. Since the user syncthing is part of all groups, by unix permissions and by ACLs should be able to write. The funny fact is that from host (not from jail) I can write in the folder.
I really don't understand what's going on. Is it possible to achieve what I want?
I'm tempted to switch to Unix permissions and let windows client sync only via Syncthing.
This post could also be inserted in plugins section, but since it's more related to permissions I think this is the more appropriate section. I'm sorry if I'm mistaken.
Thanks in advance
I'm having trouble to correctly set up permissions on SMB shares also used, on host, by Syncthing.
I read the documentation, I watched the two videos by m0nkey and searched on the forum. But I cannot wrap my mind about how to set permissions to get everything working. Syncthing is installed (as a plugin) in a jail running is a special user mapped as user syncthing on host and Syncthing folder are set to ignore permissions.
What I want
My situation is the following:
- 2 users: user1, user2
- 3 smb shares: share1, share2, shared
- I want share1 and share2 to be private to user1 and user2 respectively. Shared to be shared between the two
- I want user syncthing to have full access over all these datasets
What I've done
If I had only to deal with posix clients, I think would be able to set everything correctly using appropriate groups and setgid flag on folders. The problem arise when using ACLs.
Following m0nkey's videos, I created 3 groups: user1group, user2group and users. userx is in userxgroup and also in users. syncthing user is in all groups.
Then I set all datasets with Windows permission, owner nobody and owner group user1group, user2group and users respectively.
Then, via a Windows 10 terminal, I verified that smb permissions for user1 and user2 were ok.
The problem
But Syncthing now says permission denied. Since the user syncthing is part of all groups, by unix permissions and by ACLs should be able to write. The funny fact is that from host (not from jail) I can write in the folder.
I really don't understand what's going on. Is it possible to achieve what I want?
I'm tempted to switch to Unix permissions and let windows client sync only via Syncthing.
This post could also be inserted in plugins section, but since it's more related to permissions I think this is the more appropriate section. I'm sorry if I'm mistaken.
Thanks in advance