Windows ACL vs Linux does matter?

Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
Hi everybody,

I have an interesting question, maybe it has been asked many other times, but this is bothering me:

I have a Dataset configured with Windows ACL and it's shared with SMB protocol.
The first time I configured the user and the group on this dataset from UI with ACL manager and everything is perfect.
Also from CLI into my FreeNAS I see the user and the group as the owners of the Dataset/folders/files.

Now comes the tricky part:
(Let's do an example)
If I add another user to this dataset (permissions doesn't matter), from ACL manager or from Windows Explorer doesn't matter, I see from CLI in the FreeNAS that the owner of the Dataset/folders/files changes from the default user to this new user.

Do I need to take care of this change?
Is this important for the ownership of files?
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,553
Mattia3rd said:
Hi everybody,

I have an interesting question, maybe it has been asked many other times, but this is bothering me:

I have a Dataset configured with Windows ACL and it's shared with SMB protocol.
The first time I configured the user and the group on this dataset from UI with ACL manager and everything is perfect.
Also from CLI into my FreeNAS I see the user and the group as the owners of the Dataset/folders/files.

Now comes the tricky part:
(Let's do an example)
If I add another user to this dataset (permissions doesn't matter), from ACL manager or from Windows Explorer doesn't matter, I see from CLI in the FreeNAS that the owner of the Dataset/folders/files changes from the default user to this new user.

Do I need to take care of this change?
Is this important for the ownership of files?
Click to expand...
What version of freenas is this?
 
Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
FreeNAS-11.3-U5

Thank you
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,553
PM me the following info:
before change:
getfacl <path to dataset>
after change:
getfacl <path to dataset>
then:
midclt call core.get_jobs | jq
(should be last entry)
 
Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
anodos said:
Do you have the "apply owner" box checked in the GUI?
Click to expand...
In the GUI, when I add a new user from the ACL manager there is only the "apply user" check box..
 
Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
anodos said:
PM me the following info:
before change:
getfacl <path to dataset>
after change:
getfacl <path to dataset>
then:
midclt call core.get_jobs | jq
(should be last entry)
Click to expand...

To follow this step I need to execute again the steps.
I'll add a new user instead, for testing. OK?
 
Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
Mattia3rd said:
To follow this step I need to execute again the steps.
I'll add a new user instead, for testing. OK?
Click to expand...

This is my current ACL configuration:
Code:
getfacl /mnt/RaidZ01/Windows/DataFilms/

# file: /mnt/RaidZ01/Windows/DataFilms/
# owner: mattia
# group: nas
group:nas:rwxpDdaARWcCo-:fd-----:allow
group:nasUsers:r-x---a-R-c---:fd-----:allow
user:mattia:rwxpDdaARWcCo-:fd-----:allow
user:emby:r-x---a-R-c---:fd-----:allow
everyone@:--------------:fd-----:allow
Click to expand...

I addded a new user "simona" to my dataset in the ACL manager with recursion, like this
1609961311414.png


This is
Code:
getfacl /mnt/RaidZ01/Windows/DataFilms/

# file: /mnt/RaidZ01/Windows/DataFilms/
# owner: mattia
# group: nas
group:nas:rwxpDdaARWcCo-:fd-----:allow
group:nasUsers:r-x---a-R-c---:fd-----:allow
user:mattia:rwxpDdaARWcCo-:fd-----:allow
user:emby:r-x---a-R-c---:fd-----:allow
user:simona:r-x---a-R-c---:fd-----:allow
everyone@:--------------:fd-----:allow
Click to expand...


"id": 989,
"type": "ALLOW",
"perms": {
"BASIC": "READ"
},
"flags": {
"BASIC": "INHERIT"
}
},
{
"tag": "USER",
"id": 1004,
"type": "ALLOW",
"perms": {
"BASIC": "READ"
},
"flags": {
"BASIC": "INHERIT"
}
}
],
"uid": null,
"gid": null,
"options": {
"recursive": true,
"traverse": false,
"stripacl": false
}
}
],
"logs_path": null,
"logs_excerpt": null,
"progress": {
"percent": 100,
"description": "Finished setting ACL.",
"extra": null
},
"result": null,
"error": null,
"exception": null,
"exc_info": null,
"state": "SUCCESS",
"time_started": {
"$date": 1609961434970
},
"time_finished": {
"$date": 1609961434122
}
}
]

two personal observations:
1. This time nothing changed, I don't know
2. I saw changes like the depicted in this photo for a particular user "emby" used with emby plugin
1609961851174.png
 
Mattia3rd

Mattia3rd

Explorer
Joined
May 13, 2014
Messages
57
anodos said:
"apply user" in this case means chown the dataset. Uncheck when adding new user to ACL.
Click to expand...
Ok I think that this could be the issue connected to my observations

I'll add more if something would change out of this way
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Windows ACL vs Linux does matter?"

Similar threads

G
SOLVED Help Understanding ACL Permission
Replies
4
Views
6K
kjemison
K
anodos
New SMB-related feature in U4
Replies
0
Views
1K
anodos
anodos
rmccullough
  • Locked
Permissions for Samba & NFS with Windows, Mac, and Linux clients
Replies
4
Views
4K
Johnny Fartpants
Johnny Fartpants
F
What am I missing about SMB sharing? (Updating permissions doesn't work)
Replies
3
Views
2K
flightrisk314
F
B
Keep Unix File Permissions on SMB ACL
Replies
1
Views
2K
William Bravin
William Bravin
Top