Groups + ACL ?

[answer35]

Hello,

I am confused right now. In a group, (downloads) I added users for radarr, jdownloader for example.
On my Download folder, I have set NFS4 ACL with group owner downloads and inherit settings. But then radarr for example doesn't get the rights to use the folder. If I add the user individually, then it works. And I have this for many type of groups, it is annoying and I don't understand why groups isn't able to send right to its users. Or am I missing something ?

 

[anodos]

In Linux by default newly created files have group set to the gid of the creating process. In 22.02.3 I'm changing this specifically for the case of NFSv4 ACL type to get the gid from the parent directory (BSD-style) since this will simplify migration from Core to SCALE and avoid POLA violation for users unfamiliar with linux file creation behavior (and also simplify things for case where ZFS aclmode is "restricted"). That said, you can have up to 128 entries in an ACL.

Do note that group membership is determined by the settings inside the app, and not how they are configured in the webui (if you created a "radarr" user there).

 

[coolaj86]

Was this implemented?

It seems that whenever I add new files over CIFS (Samba) from macOS, the permissions are restricted to the user that added them.

Also, it seems like only the primary user's permissions are considered - or at least sometimes it seems like a user can't access things that is among their groups but not their primary group - not the union I would expect. Or maybe I'm just observing what happens when the ACLs aren't copied for new or modified directories.