Intel
Explorer
- Joined
- Sep 30, 2014
- Messages
- 51
I'm having a hard time with NFSv4/SMB permissions when nesting multiple datasets. There seems to be a bug somewhere since the "Strip ACL" option does show up when I create a dataset right below my data_pool but doesn't return after I create children 'datasets' underneath.
I'm following this tutorial: https://youtu.be/QIdy6sR0HrI?t=412
My setup so far:
- created a local_group 'acl-media'
- created 2 users, added to 'acl-media'
- created 'pool/media' used "SMB" type and setup the ACL as the video shows. Used the group as owner of this parent dataset.
- tested by using NFS (mapalluser + mapallgroup to match one of the users and the one group) and SMB. I can write and it shows up with the right UID/GID.
Now it gets hairy, I create sub-datasets "movies" and "tv" I set to inherit expecting things to just work from the ACL settings in the 'pool/media' but this is not the case.
I was trying to 'nuke all the ACLs' to try again and the button doesn't show up at all anywhere in the TrueNAS Scale GUI.
What am I missing?
I'm following this tutorial: https://youtu.be/QIdy6sR0HrI?t=412
My setup so far:
- created a local_group 'acl-media'
- created 2 users, added to 'acl-media'
- created 'pool/media' used "SMB" type and setup the ACL as the video shows. Used the group as owner of this parent dataset.
- tested by using NFS (mapalluser + mapallgroup to match one of the users and the one group) and SMB. I can write and it shows up with the right UID/GID.
Now it gets hairy, I create sub-datasets "movies" and "tv" I set to inherit expecting things to just work from the ACL settings in the 'pool/media' but this is not the case.
I was trying to 'nuke all the ACLs' to try again and the button doesn't show up at all anywhere in the TrueNAS Scale GUI.
What am I missing?
root@pgn:/gdata# ls -lah
total 20K
drwxrwx--- 8 1000 1001 8 Aug 21 03:49 .
drwxr-xr-x 19 root root 25 Aug 21 03:10 ..
drwxr-xr-x 2 root 1001 2 Aug 21 03:44 dataset
drwxr-xr-x 2 root 1001 2 Aug 21 03:47 movies
drwxrwx--- 2 1000 1001 2 Aug 21 02:48 'New folder'
drwxr-xr-x 2 root 1001 2 Aug 21 03:49 SMBtype
drwxrwx--- 2 root root 2 Aug 21 02:38 tv
drwxrwxrwx 2 1000 1001 2 Aug 21 03:31 yelp
root@pgn:/gdata# touch SMBtype/testme
touch: cannot touch 'SMBtype/testme': Permission denied
root@pgn:/gdata# touch tv/ok
touch: cannot touch 'tv/ok': Permission denied
root@pgn:/gdata# touch movies/alright
touch: cannot touch 'movies/alright': Permission denied
root@pgn:/gdata# mount | grep /gdata
100.64.0.1:/mnt/g2/media on /gdata type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=100.64.0.254,local_lock=none,addr=100.64.0.1)