Marc Allard
Explorer
- Joined
- Mar 16, 2014
- Messages
- 56
Hello,
I would like to build a small NAS and I am comparing my options, so I do some tests with virtual machines (Hyper-v) before deciding whai I will do.
I have made the following : I have created a pool and a dataset
(TestPool/Test)
After that, I have created two groups
NASRead (read only acces on the share)
and
NASWrite (read/write access)
and a User (marc)
marc has a primary group of NASWrite
and an auxiliary group of NASRead
On the dataset TestPool/Test, marc is the owner and NASWrite is the group owner
Type of ACL is Windows
In the ZFS options, the Type of share is Windows.
In the FIFS options everything is default (I have added the options Unix extensions) and in the share (Test)
I point to /mnt/TestPool/test
I check Inherit owner (not checked doesn't change anything) and I check Inherit ACL.
(I do not check inherit permission).
After that I access my share but I would like to give the right Full access to NASWRITE and read only acces to NASREAD and I can't manage to do it.
NASWrite is listed in the properties security (windows) and I can change the rights, but I can't add the group NASRead (when I change the owner group NASWrite is replaced by NASRead.
And when I changed the main group of marc the old group rights were saved
With NAS4Free, I had to do
zfs set aclinherit=passthrough TestPool/Test
zfs set aclmode=passthrough TestPool/Test
And when I changed the main group of marc the old group rights were saved
Can you please tell me how I can do that in FreeNAS?
Thank you
Marc
EDIT :
I have added a script in the postinit to solve my problem
the net groupmap is permanent but after a reboot of the freenas server, I only see the guid the the user and there is no conversion to something readable (FREENAS\NASRead for example).
I only see a GUID ending by -1001 (number of the group in BSD).
So after the boot I remove the old groups mapping (I must use ntgroup).
And I add the unixgroup again (the rights seems to be solved).
#!/bin/bash
/usr/local/bin/net groupmap delete ntgroup=NASRead
/usr/local/bin/net groupmap delete ntgroup=NASWrite
/usr/local/bin/net groupmap add unixgroup=NASWrite
/usr/local/bin/net groupmap add unixgroup=NASRead
I would like to build a small NAS and I am comparing my options, so I do some tests with virtual machines (Hyper-v) before deciding whai I will do.
I have made the following : I have created a pool and a dataset
(TestPool/Test)
After that, I have created two groups
NASRead (read only acces on the share)
and
NASWrite (read/write access)
and a User (marc)
marc has a primary group of NASWrite
and an auxiliary group of NASRead
On the dataset TestPool/Test, marc is the owner and NASWrite is the group owner
Type of ACL is Windows
In the ZFS options, the Type of share is Windows.
In the FIFS options everything is default (I have added the options Unix extensions) and in the share (Test)
I point to /mnt/TestPool/test
I check Inherit owner (not checked doesn't change anything) and I check Inherit ACL.
(I do not check inherit permission).
After that I access my share but I would like to give the right Full access to NASWRITE and read only acces to NASREAD and I can't manage to do it.
NASWrite is listed in the properties security (windows) and I can change the rights, but I can't add the group NASRead (when I change the owner group NASWrite is replaced by NASRead.
And when I changed the main group of marc the old group rights were saved
With NAS4Free, I had to do
zfs set aclinherit=passthrough TestPool/Test
zfs set aclmode=passthrough TestPool/Test
And when I changed the main group of marc the old group rights were saved
Can you please tell me how I can do that in FreeNAS?
Thank you
Marc
EDIT :
I have added a script in the postinit to solve my problem
the net groupmap is permanent but after a reboot of the freenas server, I only see the guid the the user and there is no conversion to something readable (FREENAS\NASRead for example).
I only see a GUID ending by -1001 (number of the group in BSD).
So after the boot I remove the old groups mapping (I must use ntgroup).
And I add the unixgroup again (the rights seems to be solved).
#!/bin/bash
/usr/local/bin/net groupmap delete ntgroup=NASRead
/usr/local/bin/net groupmap delete ntgroup=NASWrite
/usr/local/bin/net groupmap add unixgroup=NASWrite
/usr/local/bin/net groupmap add unixgroup=NASRead
