Adding users to "Sharing & Permissions" panel

All your general support questions for OpenZFS on OS X.

Adding users to "Sharing & Permissions" panel

Postby monroo » Wed Apr 13, 2022 6:36 pm

Hi all,

I've been using v1.9.4 on Catalina for quite some time but had to do a fresh install and upgrade to Monterey / 2.1.0.

I've noticed that I can't add any users to a ZFS dataset or its subfolder. I've created a new "sharing-only" user to use while sharing a couple of folders via smb with read-only permissions. I can add that user to a folder created on an APFS drive without a problem. But I can't add to a folder that is on a ZFS dataset. Even if the dataset has com.apple.mimic=hfs flag. Adding user via System Preferences -> Sharing panel doesn't work either.

I was able to do this on 1.9.4 and Catalina. Is there any way I can add users to "Sharing & Permissions" panel for smb sharing on Moneterey / 2.1.0 too?

Thanks in advance
monroo
 
Posts: 13
Joined: Sat May 31, 2014 11:32 pm

Re: Adding users to "Sharing & Permissions" panel

Postby monroo » Thu Apr 14, 2022 3:25 am

I noticed that alongside the com.apple.mimic property there are also
Code: Select all
aclinherit
acltype
aclmode
com.apple.devdisk

properties.

Code: Select all
NAME                      COM.APPLE.MIMIC_HFS  COM.APPLE.DEVDISK  ACLINHERIT     ACLTYPE   ACLMODE
tank/NetworkShare         hfs                  on                 restricted     nfsv4     discard



I've tried with aclmode "passthrough" and "restricted" but maybe I have to use a different combination?
monroo
 
Posts: 13
Joined: Sat May 31, 2014 11:32 pm

Re: Adding users to "Sharing & Permissions" panel

Postby FadingIntoBlue » Thu Apr 14, 2022 9:15 am

I don't know for sure that this 2017 post from lundman is still the current state of affairs, but I'm pretty certain it is:

https://openzfsonosx.org/forum/viewtopic.php?f=11&t=3047&p=8150&hilit=acl#p8148

It's unusual to actually use ACLs, but ZFS had full ACL capability, what IS missing however is the UI integration of them. So you can not use, say, Finder, to change ACLs. You have to pop open terminal, and use chmod like all the elite hackers.
FadingIntoBlue
 
Posts: 106
Joined: Tue May 27, 2014 12:25 am

Re: Adding users to "Sharing & Permissions" panel

Postby CL_Jeremy » Thu Apr 14, 2022 7:31 pm

I just started a new topic after searching for recent posts on ACL, not realizing someone just posted about this yesterday.

To my understanding, using GUI might not be reliable due to how ACL is handled behind the scenes (potentially out of sync with calculated effective permissions), but should generally work equally well as using chmod. With my testing, however, neither approach had any effect with 2.1.0.

I'd say it's a bug and not by design based on OP's experience.
CL_Jeremy
 
Posts: 3
Joined: Thu Apr 14, 2022 5:56 pm

Re: Adding users to "Sharing & Permissions" panel

Postby monroo » Thu Apr 14, 2022 11:54 pm

FadingIntoBlue wrote:I don't know for sure that this 2017 post from lundman is still the current state of affairs, but I'm pretty certain it is:

https://openzfsonosx.org/forum/viewtopic.php?f=11&t=3047&p=8150&hilit=acl#p8148

It's unusual to actually use ACLs, but ZFS had full ACL capability, what IS missing however is the UI integration of them. So you can not use, say, Finder, to change ACLs. You have to pop open terminal, and use chmod like all the elite hackers.


Thank you very much for mentioning this. I've tried several things, please see below.




CL_Jeremy wrote:I just started a new topic after searching for recent posts on ACL, not realizing someone just posted about this yesterday.

To my understanding, using GUI might not be reliable due to how ACL is handled behind the scenes (potentially out of sync with calculated effective permissions), but should generally work equally well as using chmod. With my testing, however, neither approach had any effect with 2.1.0.

I'd say it's a bug and not by design based on OP's experience.


Guess it is a good thing that I'm not alone on this. I've read your post and my experience is the same.

1) I've created a folder on my desktop and setting permissions via Finder gui then tried to copy it to my dataset using rsync -ar. The folder got copied with correct chown and chmod settings but that extra acl permission didn't get copied.

2) I've tried setting the acl with this command:
Code: Select all
sudo chmod +a "media-user allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity" "/Volumes/tank/Media/test"

It returns without error but Finder and ls -le doesn't show alc for "media-user"

I don't exactly remember how I did it but on Catalina and v1.9.4 I was able to set acls before. Same dataset/folder setup was working before I had to upgrade. So, as you have said in your post, maybe this a regression in the 2.x.x branch?

Any help on clarifying this would be much appreciated.
monroo
 
Posts: 13
Joined: Sat May 31, 2014 11:32 pm


Return to General Help

Who is online

Users browsing this forum: No registered users and 38 guests