Newb question. SMB&NFS Share Permission Error after a reboot

Hello and TIA for the help,

I just rebooted my Scale to add a smart power monitoring plug. When it came back up it threw this fault at me. I don’t think I have made any ACL changes since the last time I rebooted so I am not sure why this is happening.

For context, when I originally made the file structure, I was planned on doing a Top-Down share rather than individual child shares… to keep things tidier

WHAT I’VE DONE SO FAR:
1.) I deleted both the SMB & NFS shares for the /mediaserver folder thinking something about the config of them was incorrect,

2.) Then I was hoping to just recreate them. No dice, TN wont let me and throws this error when I try to make a new ‘Multiprotocol’ share in the same directory.

3.) Next, I want to see if there was any ACL mismatches that I could see… The /Mediaserver (root) folder has a few more permission bc apps use it and such but I always use the ‘Apply Recursively’ option when I was adding those rules…
I once more editted the ACLs and changed nothing, just ticked the ‘Recursive’ option and hit save.
Soooo now all child data sets should have same permissions… right…
Nope, still can’t Re-make the SMB/NFS share…

Can someone please give me some guidance on how to fix this and get my shares back online?

‘Root’ Dataset (/mediaserver) ACLs

One of the child dataset permissions, before i did the ‘recursive’ save mentioned above. ALL Child Datasets are the same as this one

Error Code presented when trying to re-make multiprotocol share on the /mediaserver directory:

Root isn’t allowed by default for SMB sharing and Sharing a root dataset is discouraged or not allowed.

Screenshots from a Core system. Shay is my root / parent dataset. I created BU@ dataset as a child and it is owned by the SMBUSER, just for SMB sharing


SmallBarky,

My mistake, I shouldn’t have used the word ‘Root’ there, that was not accurate. I don’t have the ‘root’ user involved at all other than it being the owner.
What I should have said is, the ‘mediaserver’ is the ‘parent’ for all of the 4 child-datasets (abooks, movies, music, tv) and so i chose to do ONE smb/nfs rather than FOUR individual ones.

Or are you making another point, and I am missing it?
I am still wrapping my head around all of this TrueNAS syntax and such

This is my file structure looks like this:

If you look at ROOT and TRUENAS_ADMIN, both have SAMBA_AUTHENTICATION = NO set. I could only show one user at a time
Documentation has you setting up a different user

@SmallBarky so are you saying:

1.) I need to update the owner ACL of the directory ‘mediaserver’ to my profile so i can then make a SMB/NFS share?

2.) I need to change one of, ‘root’ or ‘truenas_admin’ to have smb privs? (i tried to do this and TN UI says I cannot add smb privs to either of these accts)

3.) something else?

I think you need the owner to be other than ‘root’ or ‘trunas_admin’ for sharing. I created the SMBUSER just for sharing in my case.

‘mediaserver’ may work as the owner. You may have to create a new user that owns all the SMB shares. Whoever has access needs to have the samba auth rights.

Actually I have an SMB share that works with “root” as the owner on the ZFS dataset itself, so that part does not appear to be a problem.

But I am using a different user to connect via SMB, a user that has the permission for this dataset through their group assignment.

(Actually having ‘root’ on that particular dataset as the owner, was just an oversight on my part and I’ll correct that soon.)

I figured it out finally…
The problem is that I was setup using the POSIX ACLs instead of NFSv4 acls.
I had to go into dataset editor, change ‘ACL Type’ to SMB/NFSv4 AND change ACL mode from ‘inherit’ to ‘Restricted’
Then it was a simple matter of stripping the ACL list on the dataset and rebuilding it again.
I was able to then make an SMB &/Or NFS, rather than JUST a NFS as it was previously.

Hope this makes sense. Not sure how I managed to goof this up. Hopefully this helps some other newbie later down the road.

Thank you both @tangofan and @SmallBarky for your help getting me to this point!

1 Like