Who should own datasets?

It seems that everyone has a different opinion.

In my current setup, root owns all datasets and shares, and I use ACLs for permissions. So far I haven’t run into any problems, although I would like to hear if this setup is a bad idea. Some set the ownership of shares to the specific user group, who will use the share.

While changing the structure of my users to be in their own separate user dataset, I’ve run into a problem with unix permissions, as the dataset doesn’t use ACL.

I can’t do anything inside the dataset, let alone access it, not even as my TrueNAS admin user in the CLI. I do not have access as I’m not root. Would an okay solution be to change the group ownership to my admin group I’ve made?

I guess I have two questions in the end.

  1. Is it okay for root to own all datasets and SMB shares, even personal SMB shares?
  2. Is it okay to have root own the “Users” dataset, but set the owner group to my admin group? This makes it possible for me to access this dataset through the CLI, and I keep root as the owner user.

I think there is no right or wrong answer in this scenario, and is best suited based on your convenience level with CLI.

In my systems, I prefer to leave it as the default with root for all datasets/folders other than the home folder/shares.
I try to use the TrueNAS GUI for managing dataset as much as possible, just for the sake of keeping it simple. At times when I really need to do something in CLI, adding a sudo with the commands will be enough.

One scenario, where I change the user to a non-root user for a dataset ACL in GUI, is when I am doing a dealing with a temp share/dataset where I don’t want to tinker a lot with ACLs - but this is mostly for quick tests only.

Again, this is what I am following, and might not be the best/only approach that is right for anyone else. Hope it helps.

1 Like