Upgraded to 25.04 from 24.10 and cannot change user password

The main problem is that smb/cifs share in fstab aren’t working anymore.

Research and testing with new datasets, shares, users and groups shows that resetting the password could be a solution.

But you get an error, if the user is a member of a builtin group.

Validation Error

[EINVAL] user_update.groups.6: www-data: membership of this builtin group may not be altered. [EINVAL] user_update.groups.8: docker: membership of this builtin group may not be altered.

More info…

When I remove the user of all the group(s) changing the password will work.

But then you get another problem. You cannot add the user to the builtin group again, of which before he was a member.

Why is this a problem? As the error message you got says, you aren’t supposed to be able to alter the membership of the built-in groups.

The problem is that you can’t edit or change the user password,

BECAUSE

the user is a member of a builtin group
to which he was added in a former truenas version.

…and my question was why? As you now know from your other thread, this isn’t supported–and modifying users from the shell has never been supported in any event. But why did you think you needed to do that in the first place?

It is therefore → no longer supported.

But it has always worked. Ever since truenas was still called freenas.

One reason why you need user rights of a built-in group can be a Docker container where a shared volume has very specific permissions for dedicated users.

Now also banging up against this issue. Can’t quite believe the message…makes no sense to the user, technically or any other way.

Are you saying new users can’t be added to groups they need to be a member of to manage the system?

Yes, exactly.

You must remove the user from the aforementioned “built-in group”. Otherwise, changing the password will not work.

You can no longer add users to system groups, not even in the terminal.

I wonder how it can even be that they are a member of the group? And that this error is displayed?

Because it has worked for 100 years to make them a group member.

In my case I’d like to use docker from command line to run custom docker containers, hence I’d like be the member of docker group. Or is even this scenario now prohibited - to run custom containers?

Of course not–just run them as root.

Of course not–just run them as root.

Sure, that works, but it is a tiny bit annoying and begs the question why would it be necessary at all, since being in a docker group and not a root does the trick.
What benefit does that bring us? It feels like TrueNAS doesn’t want us to run docker cli commands.

Docker wanting to be run as root is pretty common.

I am not sure how you go from that to “It feels like TrueNAS doesn’t want us to run docker cli commands”-

If you want to do it for a non-root user, you would use docker group instead. If somebody disables this feature for no apparent reason (security perhaps?), it feels like they want me to access docker in a more complicated way. If the reason is security, why don’t let the admin decide? Anyway, not a big deal, I can go with root, just a bit out of the blue without any explanation (or perhaps there is one?).