ACL Permissions for new files in SMB share

[hbhave]

Hi guys,

I'm about to set up a new file server after being on external hard disks for far too long, and I was looking into TrueNAS after having good experiences with FreeNAS in the past.

So I created a TrueNAS 13 Core installation in a VM, created a pool, a few users (all in the same r2labs primary group), and fired up smb. I connected to the smb share from MacOS finder and started creating files, then logged in as the other user and tried to modify the files but the ACLs seemed wrong. It seemed like it wasn't respecting the group@ ACL from the dataset permissions screen, and the group wasn't getting the correct write permissions. So I created an identical TrueNAS 12 installation and tried to do the same thing and it seems that the permissions works as expected in TrueNAS 12 but doesn't in TrueNAS 13. Can someone shed light on why this is happening?

These images are after I logged in as each user and created files, "from-hbhave" is from the "hbhave" user, and "from-pweb" is from the "pweb" user. The TrueNAS 13 dataset is called "downloads" and the TrueNAS 12 dataset is called "downloads12".

Any help on why the group doesn't have write permissions would be appreciated. Cheers!

 

[irTwit]

What is your dataset's "ACL Mode" set to (Storage > Options > Advanced Options)? Try setting it to "Restricted".

 

[hbhave]

Oh interesting, that seemed to fix it! I don't understand why though, that same setting is "passthrough" on TrueNAS 12, but has the same behavior as "restricted" on TrueNAS 13. Perhaps this is a regression?

In any case that seemed to resolve the issue. Thanks!