So, I have huge issues with getting ACL to work.
I'm running a 3x6TB RAIDZ array for a bit over 2 and a half years now, setup before the ACL times.I currently have 3 groups (Primoz, Users and Docker) and three users (Primoz, Parents and Docker, with Primoz belonging to group Primoz and Docker to group Docker, but all three users belonging to the group Users). The Docker user and group is meant for the DockerVM user (same UID, GID, username and password) and is fresh, the other two (users and groups) are older.
All was fine in the land of Primoz (accessing files from two separate Windows machines) until I tried to setup a Transmission jail and give it write access. Couldn't get it to work (could touch files from inside the jail, but Transmission wouldn't download to the same folder because no permissions), and we're talking about general shares, shared to 'Users' group. So I went the way of Docker, thinking I would just mount the CIFS share there and navigate around the jails issue.
Mounting the general shares to the Docker VM (Ubuntu) went without a problem, but mounting a share,owned by user/group Primoz, was unsuccessful. I added 'Full Control' for either the Docker user or the group, to no avail, mount reports no permissions. Mounting it with my username and password worked though, so it's a matter of ACL permissions apparently.
The clusterfsck? Playing around with it yesterday (also checking security from my WIndows box on the share), something went very wrong. The share was inaccessible by me in the morning (I turn the PC off over night). I pushed the ACL permissions (that otherwise did not change) again, but all is not well still. I have 2-hourly snapshots setup for this and a few other shares, but for this share, the last 'previous version' (pulling data from the snapshots - the snapshots are of course all present on FreeNAS) is from yesterday 21:30 (right before me playing with the permissions). On a more general share it's from 5:30 this morning (I got up and saw the issue a bit before 7, so mangled something by pushing the ACL permissions again or something). Restoring the previous versions also requested permissions from my user (with which I'm logged into Windows) and trying to restore now reports that my network mapped drive is inaccessible (while I'm looking at files on it).
I have absolutely no idea where to start fixing this, apart from building up a new server and starting fresh (with that also not necessarily making it OK...). And all the issues with giving permissions to other users through ACL make me think that I either have zero clue as to how it works and I'm doing something wrong or that it has issues of its own.
EDIT: I just removed all my snapshot, replication and share setups, reset the ACL permissions for all pools (using recursive setting) and setup the SMB shares again. No difference, the amount of visible snapshots in the previous versions is the same, I still get an error of the network drive not being available when trying to restore one of the snapshots...
Is there a way to remove ACL permissions on ALL pools and have SMB shares setup in the old way? I'm completely lost...
I'm running a 3x6TB RAIDZ array for a bit over 2 and a half years now, setup before the ACL times.I currently have 3 groups (Primoz, Users and Docker) and three users (Primoz, Parents and Docker, with Primoz belonging to group Primoz and Docker to group Docker, but all three users belonging to the group Users). The Docker user and group is meant for the DockerVM user (same UID, GID, username and password) and is fresh, the other two (users and groups) are older.
All was fine in the land of Primoz (accessing files from two separate Windows machines) until I tried to setup a Transmission jail and give it write access. Couldn't get it to work (could touch files from inside the jail, but Transmission wouldn't download to the same folder because no permissions), and we're talking about general shares, shared to 'Users' group. So I went the way of Docker, thinking I would just mount the CIFS share there and navigate around the jails issue.
Mounting the general shares to the Docker VM (Ubuntu) went without a problem, but mounting a share,owned by user/group Primoz, was unsuccessful. I added 'Full Control' for either the Docker user or the group, to no avail, mount reports no permissions. Mounting it with my username and password worked though, so it's a matter of ACL permissions apparently.
The clusterfsck? Playing around with it yesterday (also checking security from my WIndows box on the share), something went very wrong. The share was inaccessible by me in the morning (I turn the PC off over night). I pushed the ACL permissions (that otherwise did not change) again, but all is not well still. I have 2-hourly snapshots setup for this and a few other shares, but for this share, the last 'previous version' (pulling data from the snapshots - the snapshots are of course all present on FreeNAS) is from yesterday 21:30 (right before me playing with the permissions). On a more general share it's from 5:30 this morning (I got up and saw the issue a bit before 7, so mangled something by pushing the ACL permissions again or something). Restoring the previous versions also requested permissions from my user (with which I'm logged into Windows) and trying to restore now reports that my network mapped drive is inaccessible (while I'm looking at files on it).
I have absolutely no idea where to start fixing this, apart from building up a new server and starting fresh (with that also not necessarily making it OK...). And all the issues with giving permissions to other users through ACL make me think that I either have zero clue as to how it works and I'm doing something wrong or that it has issues of its own.
EDIT: I just removed all my snapshot, replication and share setups, reset the ACL permissions for all pools (using recursive setting) and setup the SMB shares again. No difference, the amount of visible snapshots in the previous versions is the same, I still get an error of the network drive not being available when trying to restore one of the snapshots...
Is there a way to remove ACL permissions on ALL pools and have SMB shares setup in the old way? I'm completely lost...
Last edited: