Folder based shares with SMB

I’m trying to replicate some permissions that are super easy and super intuitive to set up in Windows to my NAS. I like to have 1 user that has full control over the NAS, and 1 user with mostly read access, but has write access to 1 subfolder. The write folder name is “incoming” and just piles up stuff for easy sharing. It later gets sorted.

I have not been able to ever replicate this functionality in Linux in my years of trying, and usually attract some kind of snark of “why are you using NTFS and SMB with Linux???”

I tried to set this up in TrueNAS, and the UI doesn’t have any option to select a folder. But it has checkboxes to reflect inheritence, so…

I did some searching and didn’t find anything relevent, so I’m not even sure where to start. I was hoping to come across some guides or something, so if there is one, a link to it is all I need.

Lastly, FYI, I loathe this “forum” software. I’ve already had to click on 4 popups to make them go away. Everything about the UI/UX of this is terrible. Literally everything. There is nothing good about this forum.

To clarify, do you want to only set this for one folder in a dataset and not the whole dataset? Or are you wanting to set permissions for the dataset used by an SMB share?
If setting permissions for a dataset for the SMB share, there is documentation available on this in the TrueNAS Documentation Hub:

Not sure if this is what you want or need. The UI does not allow setting up permissions on a folder level.

The user fileshar* should only have write access to the folder incoming, and then read access for everything else.

I have 1 dataset with a bunch of folders/directories in it, and the SMB share is sharing the whole dataset.

Also, I’m more familiar with the term dataset from the mainframe world, where “dataset” is a file, so I haven’t really internalized what a dataset is in the world of TrueNAS.

*Normally it’s fileshare, but there’s a character limitation/bug in the UI, so I’m stuck with a truncated username for now.

In the world of ZFS and TrueNAS your main storage is a pool, and inside that pool you create datasets where you store your actual data which can be organized into folders or directories.
Shares are associated with datasets.
You can customize the permissions associated with the share user(s) or the dataset. Here are a few more links to help you work out your SCALE shares, datasets and permissions.

We have more tutorials available to help you with the process based on what you need.
We recommend users not configure the system through the Linux CLI.

Don’t you have to allocate finite storage to a dataset? And then can’t change it later?

My primary dataset was assigned all my storage.

It sounds like the web UI won’t do what I need, but what about going to the terminal to edit folder permissions there? Linux has a robust permission system, right?

Datasets do not require allocating a certain amount of storage or resources, they are restricted only by the available storage in the pool (CPU, memory, disk capacity, etc.). Only a Zvol requires you to allocate storage, and no, you cannot change that after the fact.
It is best to NOT use the root dataset for primary storage, rather create the dataset(s) you need for your uses cases as child datasets to the root parent (the pool dataset).

I don’t share the root dataset, I made another child dataset and then shared that and put all my files and folders in it.

Making one of them read/write while keeping them all read only for a single user shouldn’t be rocket surgery. Even Linux can handle that with folder permissions.

Is this a limitation of the TrueNAS GUI, and not the OS itself?

Okay, I’m losing the plot here. We started out on permissions, but your last previous post asked about fixed allocations in datasets in terms of system resources.
Yes Linux has robust permissions and the Edit ACL screen for a dataset, especially if it is an NFSv4 ACL allows configuring new ACL entries and defining permissions for that entry. If it a POSIX ACL the permissions are less robust. Let’s try this article to see if they help with the questions: