I’m running TrueNAS-SCALE-24.04.2.2 and I have a dataset which contains user home folders. On my main user (haven’t tested others) I suddenly started having a problem today where creating a new folder suddenly creates 4 of them with broken permissions. I have the home folder mounted over SMB to a windows 11 (mapped network drive). I can access some of my existing folders, but creating new folder anywhere results in a folders that are not accessible, can’t be renamed or deleted (over the SMB).
Using the shell to access the folder I can see following:
root@hilla[/mnt/taiga/home/oskari]# ls -al
total 1707776
drwx------ 35 oskari oskari 47 Oct 1 10:59 .
drwxrwx--- 4 root root 4 Mar 30 2024 ..
-rwxrw-r-- 1 oskari oskari 10244 Apr 14 20:09 .DS_Store
-rw-r--r-- 1 oskari oskari 220 Mar 28 2024 .bash_logout
-rw-r--r-- 1 oskari oskari 3526 Mar 28 2024 .bashrc
-rw-r--r-- 1 oskari oskari 807 Mar 28 2024 .profile
---------- 1 oskari oskari 0 Oct 1 10:59 'New Text Document.txt'
d--------- 2 oskari oskari 2 Oct 1 09:51 'New folder'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (3)'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (4)'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (5)'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (6)'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (7)'
d--------- 2 oskari oskari 2 Oct 1 09:43 'New folder (8)'
d--------- 2 oskari oskari 2 Oct 1 09:51 'New folder (9)'
Trying to set permissons with setfacl or with chmod result in same error :
root@hilla[/mnt/taiga/home/oskari]# setfacl -m u:oskari:rw 'New folder (3)'
setfacl: New folder (3): Operation not supported
I can use rm -fr to delete them or mv them to rename as a root. Creating a new folder with mkdir works but the resulting folder is not accesible over SMB either.
I suspect this is somekind of permission issue, but I haven’t touched them since I installed and configured this about a year ago.
I’ve tried:
Rebooting truenas
Updating truenas (24.04.2 → 24.04.2.2)
Rebooting windows
Disconnecting and remapping mounted SMB share
I suspect the problem is somewhere in truenas permissions, any ideas how to fix it?
Yes, this is a permissions issue that can occur if you have removed DELETE and DELETE_CHILD permissions from a directory. Windows servers do the same thing actually.
I don’t believe that I have deliberately changed or removed any permissions regarding this (or anything else, I haven’t really had reason to touch them).
I guess my root/home directory, which is shared, already has the permissions wrong and the created folders inherit them?
Directory with broken permission and the shared home directory:
This is broken. You have explicitly configured the ACL so that only NT Authority\system has access to new files and directories. Moreover, you have explicitly removed DELETE and DELETE_CHILD from its permissions set.
You should grant the file owner or a group it’s a member of the MODIFY permissions set, and if you deem NT Authority\system as needing access to the path it should also have MODIFY.
I’m rather sure I have not done this from command line or truenas gui. Could this be done over SMB? I have recently tried making OS backups from my windows, over the SMB to the shared directory which is when I noticed the problem. Other possibility is that something has broken in one of the updates. I’m 100% sure I’ve never changed any permissions in the truenas gui for NT Authority\system
I managed to copy the correct ACL from another user home directory with nfs4xdr_getfacl /foo/bar/user2 | nfs4xdr_setfacl -S - /foo/bar/user1. After checking which directories were affected with nfs4xdr_getfacl * in the directory, I noticed that only the ones created today were problematic. Either the problem manifested only now, or acronis true image caused the problem somehow.
So, the problem is fixed for now but I’m not sure
a) How it actually happened
b) How can I avoid it in future
I had a very similar issue with permissions a number of months ago when trying to use windows built in backup system to save OS backups over to a SMB share on Truenas. If I remember it set some internal windows11 system to be the only access but don’t remember it it was NT Authority\system. It was caused by windows11 through the backup system. The issue was repeatable and came from the OS backup process of Windows11 not from Truenas.