CIFS permissions

[anodos]

Actually, it seems like that's exactly what happens: the zfsacl vfs object does break Unix permissions, at least partially.

I realize this thread is starting to get a bit old, but what FlynnVT was describing as his problem was almost exactly what I was finding on my CIFS shares with Unix permissions: users could create new files, but modifying existing ones proved troublesome. I was glad to see that I wasn't the only one having this problem, so I dug into it a bit more on a test system, and I was able to reliably reproduce serious permissions problems due to "zfsacl" being set on my CIFS share, which was using Unix permissions.

I filed bug report #11390, and much to my surprise I was told that Unix permissions are not supported with CIFS shares, period. The bug goes on to request a documentation change because I don't think this is made clear in the official docs.

I just wanted to share that critical bit of information right here because several people in this thread seem be under the impression (as I was until very recently) that Unix permissions ought to work fine with a CIFS share when, in fact, this is not the case, and the FreeNAS developers never intended the Unix/CIFS combination to be used at all. Knowing that would have saved me a bunch of headaches.

Thanks for posting this. I was wondering why they didn't allow removing that particular vfs object and its related nfsv4 parameters. I'll adjust advice to people experiencing permissions problems accordingly. Considering the constant problems people seem to have with permissions, it's probably wise to just focus on supporting a single permissions type and make sure it works properly.

 

[SweetAndLow]

Actually, it seems like that's exactly what happens: the zfsacl vfs object does break Unix permissions, at least partially.

I realize this thread is starting to get a bit old, but what FlynnVT was describing as his problem was almost exactly what I was finding on my CIFS shares with Unix permissions: users could create new files, but modifying existing ones proved troublesome. I was glad to see that I wasn't the only one having this problem, so I dug into it a bit more on a test system, and I was able to reliably reproduce serious permissions problems due to "zfsacl" being set on my CIFS share, which was using Unix permissions.

I filed bug report #11390, and much to my surprise I was told that Unix permissions are not supported with CIFS shares, period. The bug goes on to request a documentation change because I don't think this is made clear in the official docs.

I just wanted to share that critical bit of information right here because several people in this thread seem be under the impression (as I was until very recently) that Unix permissions ought to work fine with a CIFS share when, in fact, this is not the case, and the FreeNAS developers never intended the Unix/CIFS combination to be used at all. Knowing that would have saved me a bunch of headaches.

I was one of the people who always said unix permissions worked with cifs shares. Looks like I need to change my advice and do some testing to see what is currently working and what isn't.

 

[misha88]

Been Messing around with this for awhile and can't think, Can you help with the fix/workaround to get the capability to modify/add files from the cifs share

 

[SweetAndLow]

Been Messing around with this for awhile and can't think, Can you help with the fix/workaround to get the capability to modify/add files from the cifs share

make user, make dataset with windows permissions, make user the owner of dataset, create share for dataset and don't make it guest accessible. Mount share and go to town with it.

 

[William Bravin]

@SweetAndLow I am planning to build my own NAS and was thinking about using freeNas as my platform.

However this thread makes me worry a bit for the following reasons:
A) I am not a programmer but i am computer savvy
B) I am coming from a situation of having all my date on a buffalo Linkstation 4 and the linkstation decided to bite the bullet. So instead of purchasing a new linkstation (which is a single point of failure) and let it happen again I decided to build my own NAS out of components so that in if this event ever happens again i just need to replace a component of the solution.
C) Only have music, videos and personal data on my current NAS and i need to share it within my residence with 2 laptops running windows 7 1 HTPC running windows 10 and one laptop running Ubuntu 15. In june of this year I will need to grant access to NAS to a remote location (that will use an additional HTPC using windows.

Why i worry, its because all of these computers will need to have access to the NAS and to be able to download from the NAS play media files and I will need to have access from any of these computers to my personal information and read it move it edit it or delete it and possibly save it to an other computer.

What version of freenas should i start with to ensure my functional requirements are met,

In additional I plan a monthly copy of all the files on my NAS to my main HTPC (it has hot swap bays) and use this a a backup of all my files.

Thank you for reading and responding to this verbose and probably redundant posting
RGDS William Bravin

On the bright side spring is upon us

 

[SweetAndLow]

You should start your own thread for this type of question. Yes freenas can do all the things you want to do.

If you are worried about not being confident in your skills to setup everything just as yourself if you are willing to learn how. If the answer is yes then you will be fine. There is more information on this forum than you can possible need so just search and start reading and you will learn everything you need to know. If you have specific questions feel free to start a new thread or hop on IRC with questions.

 

[William Bravin]

Thank you for your prompt and sweet response