Error [EPERM] Filesystem permissions when assigning ACL

With TrueNAS 24.4, In a pool named “Work” I have these datasets:

  • Work (Pool)
    • Master-Folder
      • Shared-Folder
      • Group1
      • Group2
      • Group3

I then have these user groups

  • NAS-Admin
  • Master-Manager
  • Shared-Group
  • Group1
  • Group2
  • Group3

NAS-Admin has Full Control Permissions on Master-Folder and child datasets.
Master-Manager has Modify Permissions on Master-Folder and child datasets.

Now I would like to assign Modify Permissions on the respective 4 datasets to the 4 groups.


  • I add an Item
  • Who = Group
  • Group = Name of the group
  • Permission = Modify
  • Apply permission recursively = on
  • Click on “Save Access Control List”

“Updating ACL” starts and then the error appears

[EPERM] Filesystem permissions on path /mnt/Work/Master-Folder prevent access for group “Group1” to the path /mnt/Work/Master-Folder/Group1. This may be fixed by granting the aforementioned group execute permissions on the path: /mnt/Work/Master-Folder.

The owner of the datasets is always “root” and I created them with a user who belongs to the “builtin_administrators” group.

Where am I doing wrong?

You are granting access for “Group1” to the path /mnt/Work/Master-Folder/Group1 but you have explicitly cut its legs out from under it by your ACL on /mnt/Work/Master-Folder. We raise a validation error because there is no possible way that this ACL entry will work properly.

As is case for all unix-like operatings systems (and windows in some cases), removing EXECUTE / TRAVERSE on a parent path prevents access.

I don’t remember how I configured the ACLs in the previous version of TrueNAS, but it’s not unusual for there to be a Family folder, with the Dad, Mom, Son1, Son2 folders underneath.
Folders with separate rights.
What ACL should I give to Family so I don’t cut my legs off in subfolders?

Depends on ACL type. The easiest solution if using NFSv4 ACL type is to simply grant (non-recursively), everyone@ TRAVERSE rights with NO_INHERIT set on each parent directory (e.g. /mnt/Work/Master-Folder).

To be honest, I didn’t understand what to do.
With the latest version of TrueNas everything seemed simpler, but even rereading the documentation I didn’t understand what the steps are to create a tree of subfolders with different rights.
Now I have deleted the 5 folders and I will try to create them again.