Software-update: TrueNAS 25.10.2 Community Edition

iXsystems heeft versie 25.10.2 van TrueNAS Community Edition uitgebracht. Met TrueNAS kan een computer als network attached storage worden ingezet. Met behulp van plug-ins kan extra functionaliteit worden toegevoegd. TrueNAS bestond uit een gratis versie met de naam TrueNAS Core en een betaalde en uitgebreidere versie TrueNAS Enterprise, beide gebaseerd op FreeBSD en die ook dezelfde codebase gebruikten. In 2022 heeft iXsystems daar onder de naam TrueNAS Scale een op Debian gebaseerde versie aan toegevoegd.

De Debian-versie is moderner en heeft meer mogelijkheden, waardoor de populariteit van de FreeBSD-versies is afgenomen. Sinds eind 2023 is de ontwikkeling dan ook gestopt en ontvangt het alleen nog bugfixes. Begin dit jaar heeft iXsystems TrueNAS Community Edition aangekondigd, wat zowel een voortgang als een samenvoeging van Core en Scale is. Hieronder zijn de belangrijkste verbeteringen te vinden die in deze uitgave zijn aangebracht:

Notable changes:

• Fixes critical upgrade failure affecting some systems upgrading from TrueNAS 25.04 to 25.10 (NAS-139541). Resolves “Could not prepare Boot variable: No space left on device” error that caused affected systems to become unbootable after failed upgrade attempts.
• Fixes SMB service startup failure after upgrading from older TrueNAS versions with legacy ACL configurations (NAS-139076). Systems with legacy SMB share permission strings stored in their configuration database could not start the SMB service after upgrading to 25.10.1. This update automatically converts legacy permission formats to the current binary format during service initialization.
• Improves NFS performance for NFSv4 clients (NAS-139128). This item was included in the 25.10.2 release notes in a clerical error. The improvement is planned for a future release. See Known Issues for details.
• Improves ZFS pool import performance and write operation responsiveness (NAS-138879). Limits the time async destroy operations can run per transaction group, preventing these operations from blocking pool imports and other write operations. Pool imports that previously took extended time due to prolonged async destroy operations complete more quickly.
• Fixes disk replacement validation incorrectly rejecting identical capacity drives (NAS-138678). Resolves “device is too small” error when attempting to replace failed drives with identical capacity models. The system now correctly validates replacement drive capacity and allows legitimate disk replacements to proceed.
• Reduces excessive API calls during user and group selection in the web interface (NAS-139459). Implements longer debounce period for autocomplete fields to prevent the system from making API requests for every keystroke. This reduces system load and eliminates logs filled with failed requests during routine typing.
• Reduces background CPU usage when running containerized applications (NAS-139089). Optimizes YAML processing and Docker stats collection to reduce asyncio_loop CPU usage caused by repeated container inspection operations holding the Global Interpreter Lock.
• Fixes Dashboard storage widget displaying “Unknown” for used and free space (NAS-138705). Resolves issue where secondary storage pools showed no capacity metrics in the Dashboard widget, preventing visibility into actual storage usage and availability.
• Fixes network configuration lockout caused by invalid IPv6 routes (NAS-139575). Resolves issue where unusual IPv6 route entries in the routing table prevented access to network settings, app management, and bug reporting. The system now gracefully handles invalid route entries instead of becoming unresponsive.
• Fixes network bridge creation validation errors (NAS-139196). Resolves Pydantic validation failures that prevented users from creating network bridges through the standard workflow of removing IPs from an interface, creating a bridge, and reassigning those IPs.
• Adds Hosts Allow and Hosts Deny network access controls to SMB shares (NAS-138814). Provides IP-based access restrictions for SMB shares across all relevant purpose presets. Also adds ability to synchronize Kerberos keytab Service Principal Names (SPNs) with Active Directory updates for improved multiprotocol share management.
• Fixes IPv6 address formatting in Kerberos configuration for Active Directory (NAS-139734). Resolves Active Directory authentication failures when using IPv6 addresses for Kerberos Distribution Centers (KDCs). The system now properly formats IPv6 addresses with square brackets in krb5.conf, preventing “Invalid argument while getting initial credentials” errors.
• Improves Users page default filter to include Directory Services users (NAS-139073). Directory Services users now appear in the default view without requiring manual filter adjustment. This improves discoverability of directory service accounts in the user management interface.
• Fixes SSH access removal for user accounts (NAS-139130). Resolves issue where clearing the SSH Access option appeared to save without error, but the SSH indicator persisted in the user list. Users can now properly disable SSH access through the web interface.
• Fixes session expiry settings not being respected (NAS-138467). Resolves issues where users were logged out unexpectedly during active operations despite configured session timeout settings, and where page refresh (F5) triggered the login screen despite an active session. Session expiration now functions as configured.
• Fixes certificate management for certificates with large Distinguished Names (NAS-139056). Certificates with DNs exceeding 1024 characters (typically those with many Subject Alternative Names) can now be properly imported and managed. Previously, these certificates would upload successfully but fail during subsequent listing operations.
• Fixes Cloud Sync tasks becoming invisible after upgrading from TrueNAS CORE to SCALE (NAS-138886). Resolves data inconsistency where the bwlimit field contained empty objects instead of empty arrays, preventing the UI from displaying cloud sync tasks. Tasks remained functional via command-line but were not visible in the web interface.
• Improves S3 endpoint URI validation for Cloud Sync tasks (NAS-138903). Adds upfront validation to ensure S3 endpoints include the required https:// protocol prefix. Previously, omitting the protocol resulted in an unhelpful “Invalid endpoint” error. The system now provides clearer guidance during configuration.
• Fixes iSCSI extent wizard hanging when adding second extent to a target (NAS-138856). Resolves issue where an unsaved changes popup appeared unexpectedly after saving, followed by duplicate item errors. The wizard pane now closes automatically as expected, though the extent is added successfully despite the confusing error messages.
• Fixes error notifications displaying placeholder text (NAS-139010). Resolves formatting bug where error notifications showed “%(err)s Warning” instead of descriptive error messages.
• Improves error dialog usability for long error messages (NAS-138424). Adds proper scrolling to error dialogs with lengthy content. Previously, users had to zoom out to 50% to see action buttons when error messages (such as those listing numerous dependent clones) extended beyond the visible area.
• Restricts root account group membership to preserve system stability. The system now locks root account group membership to the builtin_administrators group and prevents modification through the UI. This prevents accidental removal of required privileges that could cause scheduled tasks, cloud sync operations, cron jobs, and other system functions to fail. To disable root account access to the TrueNAS UI, use the Disable Password option in Credentials > Local Users instead of modifying group membership.

Click here to see the full 25.10 changelog or visit the TrueNAS 25.10.2 (Goldeye) Changelog in Jira.