I/O error on permision change from windows client (CIFS)

On several of our TrueNAS systems, when editing ACLs by the “Advanced Security Settings” dialog on a mounted CIFS share (at a windows client), I get an “I/O device error” on applying the changes. This had worked before (as it is our common practice of adjusting permissions) and it still works at one server (our latest and the only one I set up myself). All servers (including the latest) had been upgraded from “Core” to “Scale” some months ago and it is currently unclear, if the problem is directly linked to the upgrade.

Here the configuration differences I could spot by testparm -s:

  • under global options, the “idmap range” differs (probably not the cause)
  • under the shares’ options, the following “vfs objects” are active (among others, common with all our servers)
    • functional machine: io_uring, ixnas and zfs_core
    • “broken” machines: zfsacl and zfs_space

But now I am stuck as I can’t figure out, where these parameters are to be configured.

Any hints are welcome… (Thank you!)

Generally speaking you shouldn’t be using zfsacl and zfs_space on SCALE. The only way these can be set is if there are unsupported auxiliary parameters set on the share.

Thank you - and yes, it seems, that these parameters had been set on ‘core’ and then have been “inherited” through the upgrade to ‘scale’. It seems, that the webGUI does not offer any way to access the ‘auxiliary parameters’ anymore. But where are they stored? As the “official” recommendation is to use only TrueNAS tools for configuration changes: Is there a tool to access the samba configuration? Resp. if not, where can I edit it to be permanently (and safely) changed?

Using grep and tdbtool, I was able to identify /var/db/system/samba4/registry.tdb, key SAMBA_REGVAL\HKLM\SOFTWARE\SAMBA\SMBCONF\NAME_OF_THE_SHARE as the most promising target. Still, as these are productive systems, I hope for advice on how to edit the configuration ~safely:

  • Does this make sense at all?
  • Can it be safely done “online”? And if so:
    • Are there any services I need to stop / restart besides smbd aka cifs?
    • Is there a more comfortable editor for .tdb files than tdbtool?

NB: For availability reasons, I’d prefer to go this way instead of trying to delete and re-create the shares.

No. Don’t touch the tdb file. You can use the TrueNAS CLI to alter the SMB configuration to remove the auxiliary parameters.

Thank you, I noticed that it would make more sense to edit a configuration backup, which is in sqlite format.

Regarding the CLI: Can you point me to some documentation beyond the “CLI Reference Guide”, or give me a hint on how to get started?