Broken permissions after migration from Core to Scale

TrueNAS General
1

Hello,
I just performed a clean install of latest stable TrueNas Scale and imported my pool from previous TrueNas Core installation. I got permissions problem when trying to update ACLs (trying to add group family permissions to modify and apply recursively) for the datasets:

[EPERM] Filesystem permissions on path /mnt/tank/main prevent access for user "admin" to the path /mnt/tank/main/common. This may be fixed by granting the aforementioned user execute permissions on the path: /mnt/tank/main.

The output of stat:

admin@truenas[~]$ stat /mnt/tank/main/   
  File: /mnt/tank/main/
  Size: 4               Blocks: 1          IO Block: 512    directory
Device: 0,66    Inode: 4           Links: 4
Access: (0700/drwx------)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2024-04-26 08:33:42.374542370 -0700
Modify: 2024-04-26 07:32:07.655152691 -0700
Change: 2024-04-26 08:46:07.786505126 -0700
 Birth: 2020-02-08 11:45:11.656375647 -0800

When trying to chmod 751 i get:

admin@truenas[~]$ sudo chmod 751 /mnt/tank/main
chmod: changing permissions of '/mnt/tank/main': Operation not permitted

What have I done wrong? And how should I proceed in order to add a group rights to modify files inside?

Many thanks.

2

We notify of broken permissions better in SCALE (your permissions were broken in Core apparently). You can’t chmod because an ACL is present. Just use the UI-based ACL editor to add the required entry.

3

I tried that first, but I got the mentioned error… :worried:

image
image906×548 25.4 KB

4

You are still granting permissions to admin by virtue of it being the owner of the dataset.

5

The crux of the problem is that you have configured permissions on /mnt/tank/main such that there is no possible way for admin to access any data at all in /mnt/tank/main/common, but you are trying to provide access via the ACL for /mnt/tank/main/common this is clearly a mistake and requires some feedback to user so that they can fix permissions. Hence, a validation error is raised.

6

Ah yes, I am dumb. :man_facepalming: Now it works, thanks very much for pointing me in the right direction.