Newbie, Problems setting up correct permissions

Status
Not open for further replies.
madtulip

madtulip

Explorer
Joined
Mar 28, 2015
Messages
64
Hey everyone! :)

got some problems with cifs/windows access/file permissions/user groups.

i would like to have a folder /music on my /media volume in it which user A and B can read all subfolders.
A and B should be able to create subfolders like /music/band_A as well.
B should not be able to delete the folder /music/band_A created by A and vice versa.
I did create the users "A" and "B" and a group "group_A_and_B" containing both.
On the windows boxes accessing the nas i have the same accounts A and B with the exact same passwords. This works well for home directories if i set the volume to be owned by A respectively B.

however for the /media folder i can not get it to work with group permissions. i fiddled around with all kinds of combinations of volume permissions, sticky bit and the "apply default permissions" checkbox in the cifs share but i just cant figure it out. A and B never seem to be members of "group_A_and_B".

Also if i try to mount the home shares from windows and click the checkbox that i want to log in as a different user, but then just type in again username "A" and its password it wont grant access at all. I do not see how that is different from windows just by default using the currently signed in user and its password which is working.
 
D

dlavigne

Guest
Did you figure this out? If not, which version of FreeNAS?
 
madtulip

madtulip

Explorer
Joined
Mar 28, 2015
Messages
64
its 9.3 stable. i did figure it out. im not sure if its a good solution but so far ive set it up like this.:

under services->CIFS->Filemask: 0650
under services->CIFS->Directorymask: 0750
When someone copies files onto the nas over CIFS this is the file and directory permissions they will be set to, if i got that right.

- create group "media"
- user A and B each have "media" as theire auxilliary group

- dataset "/media" belongs to nobody:media 750 unix permissions
you canset that over the webgui

- "/media/music" has this setting: "drwxrwx--T 111 nobody media 111 Apr 2 02:10 music/ "
-- you can set the T "sticky bit" using this command "chmod uog+t folder/".
webgui doesnt allow you to set the stick bit afaik so you have to do this manualy with ssh.

result is that user A and B can create in /media/music and they can read what the otherguy (A respectively B) has written. They can only delete what they created themselves though.
 
Last edited:
Status
Not open for further replies.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Newbie, Problems setting up correct permissions"

Similar threads

M
  • Locked
CIFS SHARING, USER PERMISSIONS DON'T WORK CORRECTLY
Replies
6
Views
4K
Mike77
M
W
  • Locked
Sharing restrictions not applied to new folders
Replies
0
Views
1K
WildWalker
W
R
SMB folder with read/write and w/o modify/delete permissions
Replies
0
Views
3K
r51
R
A_N_G
  • Locked
Correct cifs mac & win7 working but correct settings?
Replies
2
Views
1K
A_N_G
A_N_G
R
  • Locked
SOLVED Best practices for Windows shares
Replies
5
Views
4K
PhilipS
PhilipS
Top