NTFS Permissions not correctly inherited

Status
Not open for further replies.

themac

Cadet
Joined
May 30, 2016
Messages
5
On the latest FN11 release I get some strange permission problems:

Dataset is set to Windows Permissions with Admin as user and Admin as Group (770). No AD, just Windows Permissions set through the Explorer.

From Windows Explorer we set a folder with some users having r/w Access.

Now if User1 creates a new Folder, he is the owner and the other Permissions get inherited correctly. But if User2 creates a file within this folder, User1 doesn't get permissions for this file. Every ACL permission is inherited for all users, except for User1, who created the Folder.

That seems to be the case because he's the owner of that folder.

None of the users is member of the Admin group.

What am I doing wrong?
 
Joined
Jul 3, 2015
Messages
926
It might be the order you are doing things in. Are you assigning both users permissions before you start creating folders and files? The reason I ask is if you add a user later and re-stamp ticking replace all child object permissions... then you can have a scenario whereby the 'owner' of some files can no longer see them. The way around this is to re-stamp the owner permissions first followed by the user permissions.
 

themac

Cadet
Joined
May 30, 2016
Messages
5
Maybe I wasn't clear enough.

Both users are two among other users. The owner of the parent folder is admin. Both have r/w permissions on the parent folder and permissions get inherited.
User1 creates a new folder within the parent folder which makes him the owner of this new folder.
If user2 creates a file within this folder, then user1, the owner of the new folder doesn't get any permissions.

If I run a getfacl against the parent folder I see the owner:admin and group:admin and the other users with explicit permissions.
If I run a getfacl against the new folder, I see owner: User1, group:admin and all other users except User1 with explicit permisions.
If I run a getfacl agains the file, then I see: owner:User2, group:admin, all other users except User1 and User2 with explicit permissions.

So once one user is the owner of a folder, his permissions get lost afterwards.

I hope that makes it more clear.

The folders exist for quite some time and the users as well. I don't know if it occurred in previous FreeNAS Versions.
 
Status
Not open for further replies.
Top