I have a strange Syncthing plugin problem on FreeNAS.
I’ve created a separate ZFS dataset (think of it as a drive partition) for syncthing. When creating a dataset, you can choose for it to use either Unix permissions or ACLs.
Since FreeNAS plugins run in FreeBSD jails, its users and groups are separate from base system’s users and groups. In addition to that, any storage external to a jail must be explicitly mounted.
There are several approaches in setting permissions to make mounted storage available to jail users. The one I use in this scenario is to have a group in the base system (e.g.
backup, GID=1003) and set desired permissions on the directory in the base system. Then, create a group with the same GID in the Syncthing jail and add the syncthing jail user to that (jail) group. That way, base system’s group permissions effectively get propagated to the same group inside the jail.
Now, I have a Win10 laptop with syncthing running (already syncing a few directories to an RPi). I’ve tried sharing two directories with the FreeNAS Syncthing instance (one is my Documents directory, the other one the phone photos directory already synced with my Android phone)
Initially, I’ve only created the
sync dataset on FreeNAS and let Syncthing create a top-level directory when creating each share (
sync dataset is created with Unix permissions, everything works as expected.
However, if I create the
sync dataset with ACLs (Windows permissions), the phone photos share gets synced properly, but the documents share fails with an error like
finisher: chmod /mnt/bozho/documents/My Games/Borderlands/WillowGame/Logs/.syncthing.Launch-backup-2017.03.13-21.56.32.log.tmp: operation not permitted for every file. All subdirectories under
documents get created.
# file: documents/ # owner: syncthing # group: backup owner@:rwxpDdaARWcCos:fd----I:allow group@:rwxpDdaARWcCos:fd----I:allow everyone@:r-x---a-R-c---:fd----I:allow
phone_photos (the one that gets synced properly) has the same permissions, as does the
Logs directory with the
getfacl for the
.tmp file returns:
# file: .syncthing.Launch-backup-2017.03.13-21.56.32.log.tmp # owner: syncthing # group: backup owner@:rwxpDdaARWcCos:------I:allow group@:rwxpDdaARWcCos:------I:allow everyone@:r-x---a-R-c---:------I:allow
phone_photos have the same permissions.
Any ideas what might be happening here?