Hi everyone,
TrueNAS-SCALE-22.02.1
When I created a zpool, by default the zpool has:
ACL Type: POSIX
ACL Mode: Discard
When I created a dataset_A under this zpool, by default the dataset_A (SMB) has:
ACL Type: NFSv4
ACL Mode: Restricted
Question1: Is this normal and recommended practice (zpool being POSIX)?
PS: I read this:
"Administrators must use NFSv4 if they intend to replicate data from TrueNAS SCALE to a TrueNAS CORE disaster recovery target."
https://www.truenas.com/docs/references/aclprimer/#when-to-use-nfsv4-acls
I then created dataset_A_a (also NFSv4 Restricted by default) nested under datasetA.
According to this post, I later changed dataset_A ACL Mode to Passthrough in an attempt to fix the issue in question3.
https://www.truenas.com/community/threads/acl-permissions-on-smb-share-new-items-issue.98821/
Question2: This change does not apply to dataset_A_a recursively, Is there a way to do it?
Question3: How to achieve this?
admin, admin2 have primary group-admingroup, auxiliary group-mygroup
Other users have primary group-mygroup, auxiliary group-builtin_users
I'd like to allow mygroup to have Modify (rwxpDdaARWc--s) permission to the folders under dataset_A_a/folderAa1 (currently for testing, set read for mygroup),
but wish to not allow users in mygroup to create new folders under dataset_A_a.
Only admin and admin2 can create folder (for example /dataset_A_a/folderAa1) (full control).
Then allow mygroup to create folder under dataset_A_a/folderAa1/.
Currently, admin can achieve that without issue (i.e. admin create folderAa1, other user can create folders under folderAa1),
but admin2 cannot - Windows return no permission (setting as the attached picture).
but admin2 can actually delete folderAa1.
Not sure why my setting is not working.
My reason of doing this is: I have quite a few user who randomly create folder at will without proper file organization.
Eventually, I want to add Group-admingroup instead of admin2.
Thank you all for helping.
TrueNAS-SCALE-22.02.1
When I created a zpool, by default the zpool has:
ACL Type: POSIX
ACL Mode: Discard
When I created a dataset_A under this zpool, by default the dataset_A (SMB) has:
ACL Type: NFSv4
ACL Mode: Restricted
Question1: Is this normal and recommended practice (zpool being POSIX)?
- It seems to me that if I need to need to use a TrueNAS Core as disaster recovery target, I can set replication from dataset_A (NFSv4) to a TrueNAS Core dataset_Core (NFSv4).
- If I have a POSIX client (maybe Proxmox), I can set replication from Proxmox to TrueNAS Scale dataset_B (POSIX)
PS: I read this:
"Administrators must use NFSv4 if they intend to replicate data from TrueNAS SCALE to a TrueNAS CORE disaster recovery target."
https://www.truenas.com/docs/references/aclprimer/#when-to-use-nfsv4-acls
I then created dataset_A_a (also NFSv4 Restricted by default) nested under datasetA.
According to this post, I later changed dataset_A ACL Mode to Passthrough in an attempt to fix the issue in question3.
https://www.truenas.com/community/threads/acl-permissions-on-smb-share-new-items-issue.98821/
Question2: This change does not apply to dataset_A_a recursively, Is there a way to do it?
Question3: How to achieve this?
admin, admin2 have primary group-admingroup, auxiliary group-mygroup
Other users have primary group-mygroup, auxiliary group-builtin_users
I'd like to allow mygroup to have Modify (rwxpDdaARWc--s) permission to the folders under dataset_A_a/folderAa1 (currently for testing, set read for mygroup),
but wish to not allow users in mygroup to create new folders under dataset_A_a.
Only admin and admin2 can create folder (for example /dataset_A_a/folderAa1) (full control).
Then allow mygroup to create folder under dataset_A_a/folderAa1/.
Currently, admin can achieve that without issue (i.e. admin create folderAa1, other user can create folders under folderAa1),
but admin2 cannot - Windows return no permission (setting as the attached picture).
but admin2 can actually delete folderAa1.
Not sure why my setting is not working.
My reason of doing this is: I have quite a few user who randomly create folder at will without proper file organization.
Eventually, I want to add Group-admingroup instead of admin2.
Thank you all for helping.
Last edited: