The TrueNAS team is pleased to announce that TrueNAS 25.04.1 is now available!
This is a maintenance release and includes refinements and fixes for issues discovered after 25.04.0.
Notable Changes:
Remove support for BOTH in share ACLs (NAS-135183).
Persist updated GMail OAuth refresh token to prevent deauthentication (NAS-135394).
Improvements to Instances, including:
Allow the same host path to be mounted inside multiple containers (NAS-135371).
ARC scaling and eviction fixes to prevent VM crashes due to OOM errors (NAS-135904).
Enhanced robustness of the Instances screen to handle edge-case configurations (NAS-135098).
Add a synthetic container root user (NAS-135375). This adds a built-in unprivileged root user for containers: truenas_container_unpriv_root. This account can be used in permissions related APIs / UI forms to grant permissions aligning to root in VMs and containers (see Managing Instance Permissions).
Improved error handling when instance ports conflict with other service or application configurations (NAS-134963).
Prevent accidental deletion of built-in idmap entries (NAS-135475).
Improved validation for attaching and removing zvols from instances (NAS-135308).
Increase middlewared.service timeout to prevent boot failure when upgrading systems with slow boot drives (NAS-135663).
Prevent JSON decode crash in smartctl output to fix issues with disk temperature reporting (NAS-135527).
Fix TrueNAS UI authentication with IPv6 entries in Allowed IP Addresses (NAS-135361).
Fix SSH service startup with auxiliary parameters enabled (NAS-135367).
Improve human-readable formatting of TrueCloud Backup log (NAS-134491).
Change how oplocks are handled for multiprotocol shares (NAS-135040). Removes kernel oplocks in favor of disabling oplocks on a per-share basis when they have been flagged for mixed-mode use. This avoids issues observed in the field with kernel lease breaks causing client timeouts as well allowing SMB leases globally, resolving limitations on multiprotocol shares and Time Machine backup seen in 25.04.0.
Fix API calls when connected to legacy /websocket endpoints (NAS-135643).
I installed 25.04.1, seems to work fine. But dashboard’s system info box keeps saying “updates available”. But there are no more updates. So, how do I fix this?
Quick question if it’s a bug or me missunderstanding something.
When i try to add the truenas_container_unpriv_root user to the incus id map i get this error
[EPERM] Users provided by a directory service must be modified through the identity provider (LDAP server or domain controller).
The error message can be improved. You’re not supposed to be adding that to the idmap. It’s automatically there by default because it’s literally the root account in the container. The change was merely to make the account visible in the UI permissions editors.
It’s automatically generated any time the id key for what is being modified is in what we consider the synthetic range used by directory services. So cosmetic and nothing else.