Enable user to set ACLs for specific shares OMV 2

  • Hi, here is my scenario:


    My shares are basically home directories of users.
    Users should be able to share specific folders/files inside ther home folder with other users/groups.
    The users are Windows/Linux users.
    They want to mount their Home folders via SMB or SSHFS.
    --> I decided to create a omv-users group which has read write access on all shares
    --> The basic permission scheme is 700 for the home folders.
    Users should have SSH access on the server.
    But not all users are able to use getfacl and setfacl on the command line.
    From the webui I saw, that there is a configuration window that allows to navigate through a folder structure starting from a configured Share and set the default as well as the more detailed ACLs.


    The user can login to the webui as well but has just a limited amount of options there.
    Is ist somehow possible to add this ACL window for a specific folder for each user?
    Could this probably be achieved by a plugin?


    It would be nice if you could help me with this.
    I'm a linux admin with a fundamental grasp of programming.


    Thank you in advance.

    • Offizieller Beitrag

    There is only one admin user in Omv. Extended access to normal users for admin features is not possible by default. If you create a plugin it might work, the php socket runs as root. I am not aware that non-admin users are unprivileged as they log in, they are just limited by the ui design.


    Examples on how plugins give some extra access to their configurations (limited btw) is the OpenVPN and if I am not mistaken the cups plugin.


    A better answer maybe given by @ryecoaaron or @votdev

    • Offizieller Beitrag

    Examples on how plugins give some extra access to their configurations (limited btw) is the OpenVPN and if I am not mistaken the cups plugin.

    syncthing also has a interface for the user.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • I thought of another solution using inotify/incron to monitor changes on the directory and set setfacl permissions recursively. For this I have a small file in the home dir of every user, where the permissions can be entered. But I still need to test out how exactly this needs to be configured and if this is working with lots of files. I will keep you up to date when I continue with this. currently I try to move all my custom configurations into separate docker containers...

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!