Folder permission under Truenas SCALE

JaZ416 · November 29, 2022, 1:39pm

Hello my fellow 1st level support,

I come to you in time of great need.

I upgraded 3 day ago my truenas CORE to truenas SCALE from the OS itself ( no fresh install - first error ).

I then proceded to acustom myself to the new way to play around in this similar environnement.

1st Jail → docker I reinstalled was EMBY ( I always went with it compared to Plex ), I then had issues with my own media library access rights.

Striped the ACL on the containing volume, gave bin access and then Voilà! Emby had full access.

Yay !

problem is, unless you are root, no one has access now. This is nicht gut, nicht gut.

I, for the love of me, as are Vlan, do not get how the fiddle correctly with ACL, AT ALL.

I’ve been have this truenas server running and personally maintained for more than 5 years, 32 TB sporting a Xeon E3-1290V2 and 32 Gib of ram. Plenty sufficient for a familly let’s say ! The Levelonetechs and other online always inspired me to make my own instead of that old D-link nas.

I love my truenas core and managed plenty with it BUT ! the X9 supermicro does not like fan control … even with a script. Recently replace 4 4TiB HDD for 8’s and now, one of the HDD racks were kinda cooking ( between 55 and 63 deg. celcius ). Now, with scale ? Always under 42 to 45 tops which is refreshing. Scale also has GPU integration, just wondeful !

Please, pretty please, tell me someone know how to get these stupid permissions working !

I might not respond right away but ! if screencap or data requiered, I’ll give it out !

Thank you community !

Zedicus · November 29, 2022, 1:54pm

where you using TrueNAS users before? or do you have some sort of ‘authentication system’ set up somewhere else? or is this a case of ‘everyone could get to everything on the old version but now no one can get to anything’

There was actually a slight ‘bug’ in TrueNAS that made permissions more easy at one time. it has since been ‘fixed’. but your issue can still be resolved swiftly i am sure.

JaZ416 · November 29, 2022, 2:06pm

Hello !

Yes I did use ye old truenas core users and then had truenas core ACL on this volume ( picture related )
volumes

When the OS update went throught ( Truenas core 13.0 to TrueNAS-SCALE-22.02.4 ), the old ACL were still there and I could even the the ACL label besides the volume on the pools tab.

When I installed the EMBY docker, this is were it went to shambles. Emby had no access so I thought I would strip the ACL from the whole volume and then start over. I am used to working with germans sooooo you get the information you need… this does translate to the way I set my access rights on the folders themselves.

Thanks !

JaZ416 · November 29, 2022, 3:00pm

Now, this is something…

I logged back into the smb share via the m1 mac we have ( I usually go through the laptop or desktop all running popos ) and now … I have access. I did not mentionned it until now but I had added my personal user to the bin group which is used by EMBY. Even after adding it, I never had access, even after a server reboot.

The only difference is that the mac was reboot after the new OS update from yesterday…

Now, even with my personal user, I can access the samba share. This is odd but hey ! until IX system sends a new update on the stable train that f**ks it all up, I works !

Step one of any 1st level tech support, have you tried restarting it, ? yes ? both machines ?

Many thanks @Zedicus for your input …

Zedicus · November 29, 2022, 3:29pm

this literally has to do with how ACLs are setup and cached, so it will break next time you upgrade. but also the ACL structure would need to change to fix it so it is not worth changing until you upgrade again. Just make a note to deal with ACL lists at next upgrade and so you don’t panic when the shares disconnect next upgrade.

JaZ416 · November 29, 2022, 3:35pm

very good Idea @Zedicus !

Will do ! Thanks !

In the mean time I am trying my best not to lose it with docker… compared to jails, it is horrendus when you are new.

I’ll do another thread but I’m trying to get the unifi controller 6.0.43 ( which a docker image exist on docker hub ) to install but I cannot figure out why it always spits out in the logs : invalid image name; reason bad request

Arrffff there is a learning curve from Core to scale XD, hopefully it will start to get in…

Zedicus · November 29, 2022, 5:21pm

wish i could help. i have been in enterprise IT for a long time. many server rooms, hundreds of servers, worked with hospitals, school districts, used VMware, Nutanix, KVM, Xen, ETC. and i can not find a use case for Docker. it is an answer to a question i just do not have.

JaZ416 · November 29, 2022, 5:25pm

hmmmmm these jails were wonderful !

I even had my pfsense dhcp /16 with every ip of everything preset …

Since the update … it is a bit discuraging, I always have to open truenas just to get the port number back hahaha !

Thank again !