In 25.04.1 we have added a fake user account in API responses to allow assigning permissions to the root account in unprivileged containers (creatively named “truenas_container_unpriv_root”). This means if you mount a dataset in a container, and you need the root account in the container to be able to do root things to it, (if it has NFSv4 ACL type) you can add an explicitly entry for that username and give it FULL_CONTROL. This will allow the container root to do things like read, write, chown, chmod, etc.
3 Likes