Hello and Happy New Year!
I have a strange access control situation.
I’m using FreeNAS-11.2-U7. I have one parent dataset and multiple child datasets.
I have the child datasets shared via SMB.
Earlier last year I had to assign different permissions to different users/groups. I tried using Windows ACLs but there was a weird issue, couldn’t get is working as it should’ve. So I went back to UNIX ACLs and got it working properly. One of the child datasets has a user set as the owner. The owner has write premissions and there is a group set with read and execute permissions.
Now the strange part:
The owner has read-write permissions as intended. The group has read permissions on the existing folders and files, as intended. BUT, if the owner creates a new folder, the group has write permissions inside the new folder as follows:
They can create files and folders.
They can rename files created by the owner.
They can’t modify the content of the files created by the owner.
I already ran this command: find directory/ | setfacl -b to remove any residual Windows ACLs that were present. I ran the command on the parent dataset and on the child dataset in question also.
The shares are accessed via Windows 10 PCs.
Please advise. What is going on?