Set details for any file system path

NAS File Storage REST API Reference
Version
15.6.x
File Size
1291 KB
Audience
anonymous
Part Number
MK-92HNAS100-07
ft:lastEdition
2026-04-07
patch /v9/storage/filesystems/{filesystemId}/path-info

Update or modify details for a file or directory on a file system. The information that can be modified would normally be set/updated using file serving protocols or by defaults within the system. Attempting to change both Windows and Unix security at the same time will fail, as the Windows and Unix security information are partially derived from each other. Some updates may remove specifically configured settings, so any changes should be made with care, and reviewed once applied to ensure they produced the expected changes. The security mode of the file system or virtual volume may affect how the changes are stored, depending on which mode they are set to.

When making changes to Discretionary Access Control Lists (DACLs), the order of the Access Control Entries (ACEs) is important, and determines how a client may access the resource. The DACL entries are processed in order to determine if access is allowed or not when a client attempts to access the resource. To specifically deny access to a security principal, any Deny ACEs should be added before any Allow ACEs.

Note: Accepted parameter values may be restricted based on the virtual server access granted by the API key used for authentication.

Note: The authentication required to access this API call differs from the general defaults. The default access to this call is: No user access, Writable API key (key types: callId restricted).

Authentication: x_subsystem_user Api Key "X-Subsystem-User"
Authentication: x_subsystem_password Api Key "X-Subsystem-Password"
Authentication: api_key Api Key "X-Api-Key"
Authentication: basicAuth HTTP - basic scheme
Path parameters
filesystemId String required

Either the file system ID or the object ID of the file system
Example: 7B263DFD1D71E65A0000000000000000
CLIENT REQUEST
curl -X 'PATCH'
-H "X-Subsystem-User: [[apiKey]]" \
-H "X-Subsystem-Password: [[apiKey]]" \
-H "X-Api-Key: [[apiKey]]" \
-H "Authorization: Basic [[basicHash]]" \
-H 'Accept: application/json'
-H 'Content-Type: application/json'
'https://172.27.146.40:8444/v9/storage/filesystems/{filesystemId}/path-info'
-d ''
import http.client conn = http.client.HTTPSConnection("172.27.146.40:8444") payload = "{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}" headers = { 'Authorization': "Basic REPLACE_BASIC_AUTH", 'content-type': "application/json" } conn.request("PATCH", "/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Patch.new(url) request["Authorization"] = 'Basic REPLACE_BASIC_AUTH' request["content-type"] = 'application/json' request.body = "{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "dacl": [ { "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" } ], "inheritDaclAces": true, "inheritSaclAces": true, "path": "/dir1/lun1.iscsi", "sacl": [ { "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" } ], "unixGroupId": 500, "unixMode": 511, "unixOwnerId": 700, "windowsGroup": "EXAMPLE\\Group1", "windowsOwner": "EXAMPLE\\User1" }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("PATCH", "https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info"); xhr.setRequestHeader("Authorization", "Basic REPLACE_BASIC_AUTH"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.patch("https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info") .header("Authorization", "Basic REPLACE_BASIC_AUTH") .header("content-type", "application/json") .body("{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}") .asString();
import Foundation let headers = [ "Authorization": "Basic REPLACE_BASIC_AUTH", "content-type": "application/json" ] let parameters = [ "dacl": [ [ "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" ] ], "inheritDaclAces": true, "inheritSaclAces": true, "path": "/dir1/lun1.iscsi", "sacl": [ [ "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" ] ], "unixGroupId": 500, "unixMode": 511, "unixOwnerId": 700, "windowsGroup": "EXAMPLE\Group1", "windowsOwner": "EXAMPLE\User1" ] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "PATCH" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_PORT => "8444", CURLOPT_URL => "https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "PATCH", CURLOPT_POSTFIELDS => "{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}", CURLOPT_HTTPHEADER => [ "Authorization: Basic REPLACE_BASIC_AUTH", "content-type: application/json" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PATCH"); curl_easy_setopt(hnd, CURLOPT_URL, "https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "Authorization: Basic REPLACE_BASIC_AUTH"); headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://172.27.146.40:8444/v9/storage/filesystems/7B263DFD1D71E65A0000000000000000/path-info"); var request = new RestRequest(Method.PATCH); request.AddHeader("Authorization", "Basic REPLACE_BASIC_AUTH"); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"dacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"inheritDaclAces\":true,\"inheritSaclAces\":true,\"path\":\"/dir1/lun1.iscsi\",\"sacl\":[{\"flags\":16,\"mask\":17957311,\"principal\":\"Everyone\",\"type\":\"ACCESS_ALLOWED_ACE\"}],\"unixGroupId\":500,\"unixMode\":511,\"unixOwnerId\":700,\"windowsGroup\":\"EXAMPLE\\\\Group1\",\"windowsOwner\":\"EXAMPLE\\\\User1\"}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
required
application/json
daclarray

Discretionary Access Control List (DACL). The order of the list is important, as the Access Control Entries (ACE) are acted on in order. Deny ACEs should generally be supplied before Allow ACEs. An empty list will clear the value

[
flagsintegerint32

A set of bit flags that determine whether child containers or objects can inherit the ACE from the primary object to which the ACL is attached, or how auditing is carried out. The value must be supplied as an integer, and should be determined by using a combination of the following values:

  • 0x01 ObjectInheritACE
  • 0x02 ContainerInheritACE
  • 0x04 NoPropagateInheritACE
  • 0x08 InheritOnlyACE
  • 0x10 InheritedACE
  • 0x40 AuditSuccessACE
  • 0x80 AuditFailureACE
Example:16
maskintegerint32

The access mask determines the specific rights associated with the security principal of the ACE. Access rights are divided into generic, standard and object specific - not all rights are applicable to all types of file system object. The value must be supplied as an integer, and should be determined by using a combination of the following values:

  • 0x00000001 FileReadData/FileListDirectory
  • 0x00000002 FileWriteData/FileAddFile
  • 0x00000004 FileAppendData/FileAddSubdirectory/FileCreatePipeInstance
  • 0x00000008 FileReadEA
  • 0x00000010 FileWriteEA
  • 0x00000020 FileExecute/FileTraverse
  • 0x00000040 FileDeleteChild
  • 0x00000080 FileReadAttributes
  • 0x00000100 FileWriteAttributes
  • 0x00010000 DeleteRight
  • 0x00020000 ReadControl
  • 0x00040000 WriteDACL
  • 0x00080000 WriteOwner
  • 0x00100000 Synchronize
  • 0x01000000 AccessSACL
  • 0x02000000 MaximumAllowedRight
  • 0x10000000 GenericAll
  • 0x20000000 GenericExecute
  • 0x40000000 GenericWrite
  • 0x80000000 GenericRead
Example:17957311
principalstring

Windows security mode security principal that identifies the trustee to which the ACE applies - it can be either a Security ID (SID) or a user/group name

Example:"Everyone"
typestring (Enum)

Type of the ACE - the allowed type will depend on whether the ACE is part of a DACL or SACL

Allowed values:"ACCESS_ALLOWED_ACE""ACCESS_DENIED_ACE""SYSTEM_AUDIT_ACE"
]
inheritDaclAcesboolean

True indicates that the DACL will allow appropriate ACE entries to be inherited from the parent object. False indicates that the DACL will not inherit any ACE entries from the parent object. Any inheritance is not automatic and the DACL must also be set at the same time

inheritSaclAcesboolean

True indicates that the SACL will allow appropriate ACE entries to be inherited from the parent object. False indicates that the SACL will not inherit any ACE entries from the parent object. Any inheritance is not automatic and the SACL must also be set at the same time

pathstring

Absolute path to the file system item, in Unix format

Example:"/dir1/lun1.iscsi"
saclarray

System Access Control List (SACL). An empty list will clear the value

[
flagsintegerint32

A set of bit flags that determine whether child containers or objects can inherit the ACE from the primary object to which the ACL is attached, or how auditing is carried out. The value must be supplied as an integer, and should be determined by using a combination of the following values:

  • 0x01 ObjectInheritACE
  • 0x02 ContainerInheritACE
  • 0x04 NoPropagateInheritACE
  • 0x08 InheritOnlyACE
  • 0x10 InheritedACE
  • 0x40 AuditSuccessACE
  • 0x80 AuditFailureACE
Example:16
maskintegerint32

The access mask determines the specific rights associated with the security principal of the ACE. Access rights are divided into generic, standard and object specific - not all rights are applicable to all types of file system object. The value must be supplied as an integer, and should be determined by using a combination of the following values:

  • 0x00000001 FileReadData/FileListDirectory
  • 0x00000002 FileWriteData/FileAddFile
  • 0x00000004 FileAppendData/FileAddSubdirectory/FileCreatePipeInstance
  • 0x00000008 FileReadEA
  • 0x00000010 FileWriteEA
  • 0x00000020 FileExecute/FileTraverse
  • 0x00000040 FileDeleteChild
  • 0x00000080 FileReadAttributes
  • 0x00000100 FileWriteAttributes
  • 0x00010000 DeleteRight
  • 0x00020000 ReadControl
  • 0x00040000 WriteDACL
  • 0x00080000 WriteOwner
  • 0x00100000 Synchronize
  • 0x01000000 AccessSACL
  • 0x02000000 MaximumAllowedRight
  • 0x10000000 GenericAll
  • 0x20000000 GenericExecute
  • 0x40000000 GenericWrite
  • 0x80000000 GenericRead
Example:17957311
principalstring

Windows security mode security principal that identifies the trustee to which the ACE applies - it can be either a Security ID (SID) or a user/group name

Example:"Everyone"
typestring (Enum)

Type of the ACE - the allowed type will depend on whether the ACE is part of a DACL or SACL

Allowed values:"ACCESS_ALLOWED_ACE""ACCESS_DENIED_ACE""SYSTEM_AUDIT_ACE"
]
unixGroupIdintegerint32

Primary Unix group ID associated with the file system item

Example:500
unixModeintegerint32

Unix mode associated with file system item, represented as an integer value

Example:511
unixOwnerIdintegerint32

Unix user ID of the owner of the file system item

Example:700
windowsGroupstring

Windows security model primary group of the file system item - it can be either a Security ID (SID) or the group name

Example:"EXAMPLE\\Group1"
windowsOwnerstring

Windows security model owner of the file system item - it can be either a Security ID (SID) or the owner name

Example:"EXAMPLE\\User1"
REQUEST
{ "dacl": [ { "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" } ], "inheritDaclAces": false, "inheritSaclAces": false, "path": "/dir1/lun1.iscsi", "sacl": [ { "flags": 16, "mask": 17957311, "principal": "Everyone", "type": "ACCESS_ALLOWED_ACE" } ], "unixGroupId": 500, "unixMode": 511, "unixOwnerId": 700, "windowsGroup": "EXAMPLE\\Group1", "windowsOwner": "EXAMPLE\\User1" }
Responses

No Content - the resource was updated successfully

Bad Request

Body
application/json
errorCodeintegerint32

Generic error code

Example:1081353
errorMsgstring

Main error message

Example:"Invalid description parameter - the optional parameter must be between 2 and 30 characters long to be valid, if supplied"
RESPONSE
{ "errorCode": 1081353, "errorMsg": "Invalid description parameter - the optional parameter must be between 2 and 30 characters long to be valid, if supplied" }

Unauthorized - the request was rejected because the credentials or API key were either missing or invalid

Forbidden - the client does not have the required permissions to perform the operation

Body
application/json
errorMsgstring

Main error message

Example:"Forbidden request - the client does not have the required permissions to perform the operation"
RESPONSE
{ "errorMsg": "Forbidden request - the client does not have the required permissions to perform the operation" }

Not Found - a resource specified was not found

Body
application/json
errorCodeintegerint32

Generic error code

Example:1081345
errorDetailobject

Detailed error information

detailstring

More details on why the error occurred

faultstring
fileNamestring

Source file where the error occurred

Example:"RestApiFilesystems.cpp"
functionstring

Internal function name where the error occurred

Example:"mountFilesystem"
lineNumberintegerint32

Line number within the source file, where the error occurred

messagestring

Reason why the error(s) occurred

Example:"The file system is currently unassigned"
reasonstring

Reason why the error(s) occurred

Example:"The file system is currently unassigned"
returnedValueintegerint32

Not used

subCodeintegerint32

Specific failure error code

errorMsgstring

Main error message

Example:"Cannot find the object of the operation on the device"
RESPONSE
{ "errorCode": 1081345, "errorDetail": { "detail": "", "fault": "", "fileName": "RestApiFilesystems.cpp", "function": "mountFilesystem", "lineNumber": 0, "message": "The file system is currently unassigned", "reason": "The file system is currently unassigned", "returnedValue": 0, "subCode": 0 }, "errorMsg": "Cannot find the object of the operation on the device" }

Internal Server Error

Body
application/json
errorCodeintegerint32

Generic error code

errorDetailobject

Detailed error information

detailstring

More details on why the error occurred

faultstring
fileNamestring

Source file where the error occurred

Example:"RestApiFilesystems.cpp"
functionstring

Internal function name where the error occurred

Example:"mountFilesystem"
lineNumberintegerint32

Line number within the source file, where the error occurred

messagestring

Reason why the error(s) occurred

Example:"The file system is currently unassigned"
reasonstring

Reason why the error(s) occurred

Example:"The file system is currently unassigned"
returnedValueintegerint32

Not used

subCodeintegerint32

Specific failure error code

errorMsgstring

Main error message

Example:"Failed to mount file system"
RESPONSE
{ "errorCode": 0, "errorDetail": { "detail": "", "fault": "", "fileName": "RestApiFilesystems.cpp", "function": "mountFilesystem", "lineNumber": 0, "message": "The file system is currently unassigned", "reason": "The file system is currently unassigned", "returnedValue": 0, "subCode": 0 }, "errorMsg": "Failed to mount file system" }