Samba stopped working

    • OMV 2.x
    • Resolved

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • I managed to recreate and solve the problem this time by being more careful for every step I take testing it (and testing reboots after I change stuff). The cause was my /tmp setting which was like so:

      Source Code

      1. tmpfs /tmp tmpfs rw,size=1G,nr_inodes=5k,noexec,nodev,nosuid,uid=648,gid=648,mode=1700 0 0


      After setting it and rebooting I encountered the problem again, I unmounted /tmp and samba worked again.

      This was a copy paste job I forgot to actually test properly, so my bad (although I wasn't aware that samba relied on /tmp, how does samba use /tmp?)

      Things work gain with a more simple fstab option

      Source Code

      1. tmpfs /tmp tmpfs rw,size=1G,noexec,nodev,nosuid 0 0


      Since Samba is the most important function of the NAS for me, I need to know exactly what it is using /tmp for and why it fails without it. (Once I know this is resolved).
    • subzero79 wrote:

      Quote from rabcor: “,uid=648,gid=648,mode=1700”

      Where specifically did you get this idea? noexec is fine but this specifically?


      I copied one of the lines on /tmp with /tmpfs in fstab from the arch wiki that looked like it had been given the most thought, then altered the directory from some /www something to /tmp. I know that was a stupid thing to do and copy paste jobs without audit is a very bad practice, but what can I say, I was in a hurry and at least we learned something ;)

      Also I learned that there actually is a way to snapshot/backup your OMV system. With omv-extras I got openmediavault-backup which does something along the lines of what I want.

      But I need to know what smb uses /tmp for (just to optimize the tmpfs size)

      The post was edited 1 time, last by rabcor ().

    • @subzero79 urgh I hate these mailing lists, what is this the 90s? But I guess you're right.

      I've got another problem now though, I finally set up LUKS encryption on all my drives (yay), but write permissions aren't getting across, e.g. I can't read/write from windows, only read the shares even if permissions are as discussed before (e.g. 2755 for the drives and 2755 for the shares) and the User is also in samba's settings as a valid user and on the write list.
    • @subzero79 which one? I have OMV Extras installed but I don't see any reset permission utility in the plugin list. But if you mean the reset permissions utility that's in the shared folder management menu then I tried that one, and it fixed my problem, thanks! Guess this is as far as this thread goes, everything is working the way I want now. Thanks a lot for your help guys!
    • rabcor wrote:

      I copied one of the lines on /tmp with /tmpfs in fstab from the arch wiki that looked like it had been given the most though


      ARCH wiki is very good, tons of information well organized and presented. But looking at that specific configuration there is no justification at all for closing tmp 700, unless you run all services as root or user uid 648, something unthinkable considering privilege division, different daemon usernames etc.
      ARCH wiki should be taken as a reference for configuring the server, but always remember this is Debian. Very good source of information there.

      rabcor wrote:

      urgh I hate these mailing lists, what is this the 90s? But I guess you're right.


      Is where you get answers from people that actually submit code to samba. Not a single developer/moderator/user here codes for samba, ftp or any of many pieces of software omv uses, except for mergerfs which has active support from the coder here in the forum. Look at a thread last week a user requesting omv developer to fix openssl heartbleed because he compared the debian version probably with a blog news that spread which openssl version where affected.
      New wiki
      chat support at #openmediavault@freenode IRC | Spanish & English | GMT+10
      telegram.me/openmediavault broadcast channel
      openmediavault discord server
    • subzero79 wrote:

      rabcor wrote:

      I copied one of the lines on /tmp with /tmpfs in fstab from the arch wiki that looked like it had been given the most though


      ARCH wiki is very good, tons of information well organized and presented. But looking at that specific configuration there is no justification at all for closing tmp 700, unless you run all services as root or user uid 648, something unthinkable considering privilege division, different daemon usernames etc.
      ARCH wiki should be taken as a reference for configuring the server, but always remember this is Debian. Very good source of information there.

      rabcor wrote:

      urgh I hate these mailing lists, what is this the 90s? But I guess you're right.


      Is where you get answers from people that actually submit code to samba. Not a single developer/moderator/user here codes for samba, ftp or any of many pieces of software omv uses, except for mergerfs which has active support from the coder here in the forum. Look at a thread last week a user requesting omv developer to fix openssl heartbleed because he compared the debian version probably with a blog news that spread which openssl version where affected.

      Well I'm a dev myself, kinda (haven't actually released anything but I've got a few in-house applications made by myself for myself, I just don't think my code is at a publishable quality level yet) so I know what you mean about no samba devs being here. I just think mailing lists are so... I mean we have forums and similar, nicer solutions around now. I don't think I've seen any windows dev use mailing lists...

      As for openssl that's actually on the openbsd devs to fix, but if an openssl update can fix it then even if debian doesn't have that update yet you could push it into OMV as an OMV dev. You have OMV repositories right? You could compile and package an openssl version of your own and put it on your omv repos then use that for OMV until debian upstream updates. But if it hasn't been fixed by upstream openssl then I guess there's little you can do. I'm a bit new to administration personally so I'm not very familiar with openssl (I mean I barely understand SSH) It's a disaster having the windows background that I do having gotten used to since I was a child to get everything handed to me on a silver platter via GUI. (While today I'm thankful OMV even has a WebUI) I probably never would have put in the effort to even learn linux if it hadn't been for the trainwreck known as Windows 8 which I received as an early warning for the abusive OS coming up next, Windows 10, damn I'm glad I made the switch based on 8 before waiting for 10 to be released. I initially just started using Linux as an "in case the next Windows release will also be a mess", but little did I know how much worse than I had ever imagined possible it was going to be... anyhow, I've gotten sidetracked a bit lol.
    • rabcor wrote:

      As for openssl that's actually on the openbsd devs to fix, but if an openssl update can fix it then even if debian doesn't have that update yet you could push it into OMV as an OMV dev. You have OMV repositories right? You could compile and package an openssl version of your own and put it on your omv repos then use that for OMV until debian upstream updates.

      This is one thing we try not to do. Our goal is to rely on Debian which is typically not a bad thing.
      omv 4.1.9 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.9
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • Oh it's not the functionality of it, it's not the looks either. It's Microsoft's new policies of violating all the basic human rights they can find to violate. I mean since around Windows XP people have been making rumors about them being in bed with the NSA, and by the time of Windows 8 actual governments joined the list of those accusers which was a pretty huge red light... And they've never worked really hard to deny it (obviously not that opposed to the idea...) by Windows 10 though they are completely open about it, their terms of use practically state through more complicated compilations of sentences: "Your data is ours to do with as we please and share with whom we please. Every keystroke you make, every file you create, every file you view, every file you store, is ours for the taking. (Royalty Free!)" Which is basically the price of Windows 10 which is being given as a "free" update to be later released as free no doubt (unless microsoft decide to keep milking money for example by selling enterprise versions with some form of support and control over the system unlike the home editions). Your data, all of it, to Microsoft, that's a price I'm just not willing to pay, there's a limit to how much I think any corporation should know about me, and they've breached that limit a million times over with Windows 10's privacy violations.


      Even if that wasn't enough though, there's also this: betanews.com/2015/11/24/window…grams-without-permission/

      Among other annoyances. I mean look at all the trouble one has to go through to MAYBE disable spying (knowing there's probably a backdoor or feature that can not be disabled lurking somewhere in the kernel or elsewhere in the system...) hell, look at how they bypass the hosts file config if you try to redirect Bing to say Google in their edge browser, means basically that you can't prevent file snooping from microsoft by redirecting all their addresses to 127.0.0.1 or something... and really just... why should I use an OS that puts me through this much trouble? As a self respecting human being I just simply can't bring myself to use the filth that is Windows 10.

      The desktop is fine, the functionality/speed/implementation (etc) is fine. It's Microsofts terms of service, policies and general attitude towards users that simply disgusts me, hell it does more than that, it angers me, very few things make me genuinely angry, but thinking about Microsoft today I can feel the rage boiling up inside, I don't care about their new open source incentives, as far as I can see their operation is downright criminal, a violation of what I consider basic human rights. Sure it may seem all fine and innocent that Microsoft is sharing all user data to NSA to track down terrorists, but this government is not permanent, at any point in the future it could be replaced by a draconian one that will abuse (through Microsoft... in worse ways than Nazis abused people in their labor camps in cooperation with IBM...) this snooping ability to arrest, enslave or maybe even execute people based on what they wrote once in their private computers. One search through a microsoft database and you can find a list of all windows 10 users who once said something like "fuck religion" or "allahu akbar" or "donald trump should die" or "fuck the government" and they can be punished as the government pleases. So looking to the future the problem might escalate to extreme points, and sure, what ifs wouldn't bring me to abandon an OS like windows, it's the current state of things that did, I was pretty excited for Windows 10 until I noticed, and learned more about what microsoft is doing with it, how it is abusing it's position (monopoly even) as the developer of the most used desktop OS. It just, it's not right, a company shouldn't be allowed to do that, even Apple of all the shitheads in the world understands this...
    • Everyone is on Facebook and as far as privacy goes I think they are as bad, or worse, than anyone. I mean c'mon. They were basically stealing all people's contacts from their e-mail servers. If you were logged into your e-mail they would just download all your contacts without being clear about it. I still can't understand how they get away with shit like that and no one goes after them. They have a disclaimer but it is very deceptive the things they are doing. Privacy went out the window long ago. All the tech companies are in on it.

      One thing I really like on Win 10 is Cortana is not just search. I can't tell you how many times I've helped people and they don't have an icon on their desktop. It is nice to start apps/control panel/whatever by voice. You can do this on other OS's too though, e.g. Android. Balmer was the problem. He is gone now and they are playing catch up.
    • Facebook is run by the NSA. Then people just voluntarily give them all kinds of info :D
      omv 4.1.9 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.9
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • Yeah, everyone's doing it, I should totally do it too, right? (My facebook use is extremely limited and completely compartmentalized, nothing goes in there from me unless I decide to share it, I only log in to facebook from a smartphone ever, never from my computer, and to be honest I may just drop facebook entirely, I only use it's messenger function, and very rarely) speech recognition has been around since Windows Vista in Windows, Cortana just took it to the next level... I've never been a fan.

      And just because most of the big tech companies are in on it, does that mean I should just roll with it? That sort of mentality is exactly why there's little hope for mankind... There was this amazing video I saw once that ran down the entirety of this path (as a general concept) I forgot the name though (damn).

      Also because privacy is half dead on the internet, doesn't mean we should let it die on our own personal computers, as in privacy demolished by the OS. My offline data I expect to be exactly that, offline. My personal data I expect to be private, and I may be going uphill with this, but hey, OMV helped. But hey, I'm not gonna tell you why you should care about your privacy and how not doing so today could be your downfall tomorrow if you don't wanna hear it, (hell, in this crowd I half expected you to already know). Sure it's a bit of work to reclaim one's privacy, but it's definitely worth it just for a sense of security, whether it be a false one or not. If you care, you can ensure that you have a digital space where everything you do is private and for your eyes only, on Windows 10 this becomes completely impossible unless you have a dedicated offline computer for this express purpose (which is too much work unless you use a solution like 2 computers in one case like with the phanteks enthoo mini xl DS, actually I happen to have this but I'm using it to have linux on one machine and windows (7) on another). I don't even want Windows 10 devices to connect to my router because they share the fucking wep key (why not just open the network completely?!).

      There's a reason Windows 10 adoption rates are slow despite 7 and 8 users being able to get it for free, and it's not just people being lazy... I hope...