Windows permissions without Windows

[itskando]

I run myfreeNAS webGUI off of macOS.

I setup a dataset for media storage with Windows permissions such that
I could make it into an authenticated CIFS/SMB share for easy drag/drop.

Code:

/mnt/POOL/media/
Permissions: Windows
User: root
Group: public

How do I modify specific permissions without having Windows available
to provide the Windows permissions GUI?

.

I ask because I mounted the dataset to the Plex plugin,
which can see all of the files but cannot transcode them.

I believe it is a permissions issue.

In the Plex jail shell:

Code:

[root@Deetz ~]# jexec 17 tcsh
root@plex:/ # ls -l /media
total 9
drwxrwxr-x+ 7 root  1000  8 Oct 23 22:56 movies

Since `root` is the dataset owner outside of the jail and inside of the jail,
is there no issue?

Does it matter that `root` is not the UUID of the jail, which is `plex`?

 

[sretalla]

Full disclosure, I have not tested this:
https://sourceforge.net/projects/nfsv4-acl-edit/

But maybe it gets you what you want.

Also, have a look at
ls -ale

Maybe it can help too in order to see what is already set.

 

[cobrakiller58]

Is there any benefit to using windows permissions if you do not have any windows machines in the network?

 

[itskando]

Is there any benefit to using windows permissions if you do not have any windows machines in the network?

Windows rig is next project : j

 

[cobrakiller58]

I see, @anodos has a post that may help you then https://forums.freenas.org/index.ph...e-tuning-samba-permissions.50739/#post-350684
I've never used the CLI to modify ACLS so I cannot give you any guidance ATM

 

[seanm]

Is there any benefit to using windows permissions if you do not have any windows machines in the network?

From my reading of the docs, "Windows" permissions are really SMB permissions. SMB is also the default file sharing protocol on macOS, so even a macOS-only shop would want to be using "Windows" permissions if I'm not mistaken...

 

[cobrakiller58]

Touché I forgot about Apple stopping development on AFP and supporting SMB.

 

[anodos]

ZFS ACLs are not SMB-specific. I've used them before in situations where I needed fine-grained control (even if the server application I'm using doesn't understand them). I added a new utility in 11.2 which may be useful (cloneacl). cloneacl (or winacl -a clone) basically recursively applies an ACL to a path. The way it would work in a normal situation:

Figure out what the ACL looks like on the path you want to edit permissions on
getfacl /mnt/dozer/foo

Use setfacl to fine-tune permissions on the root directory.
setfacl -m g:"media":full_set:fd:allow /mnt/dozer/foo

Use cloneacl to push that newly modified ACL to all files and subdirectories
cloneacl -v -p /mnt/dozer/foo

This reminds me that there are a few more changes in our 11.3 branch that might be useful in 11.2.