Clarification on samba shares...?

  • Hello friends. I've got a test machine running OMV at the moment so I can tinker around and see what I can get into. I'm a little confused over one particular topic and just wanted some clarification. I'm trying to duplicate the setup I have running on my Ubuntu Server. It's slightly different as on my Ubuntu Server, I basically have one samba share set up, which runs through /media/storage. Within /media/storage are a series of other folders, music, pictures, public, videos, etc. I utilize POSIX permissions here by having myself as the owner + a group associated with the folder assigned with appropriate permissions.


    i.e. /media/storage/videos would be owned by jason:videos, then all users who need group access are in the videos group.


    Here in OMV land, it's kind of opposite. Instead of relying on POSIX permissions, it relies on samba permissions. Okay, I get that. Here's where I get confused. With trying to set up multiple samba shares to match my /media/storage/videos and /media/storage/pictures, etc., it seems as if I have to create a shared folder first.


    So from start to finish, it looks like:


    1) Create file system on drive/array
    2) Create a shared folder
    3) Create a samba share to match that shared folder
    4) Go back to the shared folder preferences to effectively choose who has what permissions to the shared folder.


    I'm just trying to compare my current setup versus what I'm trying to duplicate and I'm getting a little confused. What is the use of a "shared folder" if samba effectively does the sharing? I'm just having trouble understanding why I need to create a shared folder, then go to the samba preferences to effectively 'share' it out, then back to shared folders to control the privileges for that share.


    I'm sure there's an explanation that I'm not seeing, but I figured I'd ask instead of wondering too much about it. Thanks!

  • In OMV a share is not only used for SMB, a share can be used for other services like NFS or FTP. So there is one point where you create a base for a service, set the permissions and use it for the service you want to define. One point for creation and permissions, IMHO this is a good approach.

    Homebox: Bitfenix Prodigy Case, ASUS E45M1-I DELUXE ITX, 8GB RAM, 5x 4TB HGST Raid-5 Data, 1x 320GB 2,5" WD Bootdrive via eSATA from the backside
    Companybox 1: Standard Midi-Tower, Intel S3420 MoBo, Xeon 3450 CPU, 16GB RAM, 5x 2TB Seagate Data, 1x 80GB Samsung Bootdrive - testing for iSCSI to ESXi-Hosts
    Companybox 2: 19" Rackservercase 4HE, Intel S975XBX2 MoBo, C2D@2200MHz, 8GB RAM, HP P212 Raidcontroller, 4x 1TB WD Raid-0 Data, 80GB Samsung Bootdrive, Intel 1000Pro DualPort (Bonded in a VLAN) - Temp-NFS-storage for ESXi-Hosts

  • The main user group in OMV is "users". It is automatically assigned on creation of shared folders (chmod & chown set when folder created/posix). Users that are created in OMV are automatically part of the "users" group. You can assign a user Privileges (stored in share section of the config.xml) to the shared folders in the OMV web gui. What are you waiting for??? Kick the Ubuntu server to the curb.

  • Tekk, samba permissions are not POSIX. POSIX is the filesystem permission (i.e. chmod 775), not the permissions used for samba.


    The answer from datadigger explains it well.


    Greetings
    David

    "Well... lately this forum has become support for everything except omv" [...] "And is like someone is banning Google from their browsers"


    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.

    Upload Logfile via WebGUI/CLI
    #openmediavault on freenode IRC | German & English | GMT+1
    Absolutely no Support via PM!

  • you edited your post... nice...


    Greetings
    David

  • Thanks everyone. I did notice (and saw in a YouTube video about OMV) that the users group is an auto-add for any new user. That's kind of nice since it does indeed give a generic level of access that can be easily further tweaked if necessary. The samba shares vs shared folders thing makes a lot of sense *now* that I heard it explained like that. At first it can be a little confusing since what I'm trying to do in my mind is map what I do manually with creating the array, creating the partition (volume) on the array, mounting it in fstab, then sharing that directory out via samba, users, permissions, etc. I mean, what I have now works very well, so by nature I'd like to see if I can tweak OMV to a "what I have now" level, and then go from there.


    Last night I was admittedly (and, as always) running on some intense fumes as I tweaked around with OMV. When I made this post I was under the impression that I could not effectively replicate my current setup, where /media/storage is the samba share, and /media/storage/pictures has one set of permissions while /media/storage/music has another set of permissions.


    That said, could I not still do that? I figure I could mount /media/storage as the only samba share, much like I do now, and from there let the ACL portion take over with the directories inside. Within the ACL I saw you could adjust who owns what with an option of being recursive, etc. I thought I read somewhere that ACL's weren't recommended, but I can't remember if that was specifically for OMV, or if that was one of the many other projects I looked at that might have issues in their own ACL department.


    I used to have a samba share specifically for each and every "top level" storage folder, i.e. music, pictures, videos, public, backups, etc etc., but when I switched everything back to a single samba share with the underlying rwx permissions taking control, I kind of liked how streamlined it felt when I was working within multiple directories and not having six locations mounted. I might be splitting hairs here, but anyway, figured I'd do a brain dump of thoughts to see what you folks might have to say about it. I'm open minded to hear what you think!


    P.S. - It's nice to see people are so helpful here with quick answers. Thanks for that. :)


    P.S. v2 - I'm not trying to detract from the quality of OMV by wording my question this way, but am I correct in understanding that a lot of the fundamentals built into OMV are simply Linux features wrapped up in a very nice, sensible interface? I have a habit of cat'ing the smb.conf after I make GUI changes. It's brought to light several features that I didn't know about. Seeing OMV just directly edit the conf files is kind of nice, as it doesn't seem to be doing any weird styling changes where I can't as easily follow what it's doing under the hood, but at the same token it just makes me think "hey, these features have been here all along..." Take for example assigning a group in the smb.conf as a valid user, etc. Does that go for ACLs too? All of this available in a straight up regular Linux install?

  • The filesystems that are created on the data drives are assigned uuid numbers. The uuid numbers are mounted at /media. So your location for the mounts would change slightly.



    /media/uuid/storage
    /media/uuid/storage/pictures
    /media/uuid/storage/music


    I use one Media share and create subfolders for the various media types. It works well. But you might have stuff that you don't want read-only to others.


  • I noticed that the UUID portion takes place. That's totally fine. What I was getting at in terms of "matching" my current setup was just in regard to POSIX perms vs Samba perms, i.e. instead of having:


    /media/UUID/storage/pictures
    /media/UUID/storage/music
    /media/UUID/storage/backups


    all a specific Samba share, with Samba permissions controlling each one, instead do:


    /media/UUID/storage as the only Samba share, and then:


    /media/UUID/storage/pictures be controllable via ACL
    /media/UUID/storage/music be controllable via ACL
    /media/UUID/storage/backups be controllable via ACL


    etc... If that portion is replicable, I'll try that tonight on my poor excuse for a test box rocking three 40 GB IDE drives.

  • I would test it. We do see problems when people try to use privileges and acl together. This may be issues when it is on same folder though. You are looking at the subfolders for the acl. Test it. I do not use ACL at all so I am not sure. When you select the storage folder and then click on ACL you will see a tree and can access the subfolders in question.

  • See, that kind of concerns me a bit. I don't think it makes sense to have multiple user logins to the same system. If I connect to my server, I have to authenticate for each samba share. But if each of my 12 "top level" storage folders are all shares, I have to authenticate against each one. I think this is where I switched things up and began to use a single Samba share along with POSIX permissions underneath...


    I'll have to test and see though. Perhaps there's a way to simply change the user/group and rwx settings on each "sub directory" within the main Samba share without having to drop to a shell and change it from there.


    EDIT - Tinkering with it more now... I'm still trying to wrap my brain around it. I think I get it, but I think it's just very different from what I'm used to. Based on what I'm seeing, it feels like if I want separate permissions for different things, I need to isolate each parent folder accordingly. For example, I don't want my HTPC (which has a samba user, simply named HTPC) to have read/write access to the videos/pictures/music. Reason being is that the HTPC box auto mounts the Samba shares to stream from my server. Often times some nieces and nephews are over, so I want the HTPC account to specifically be read only, so you can view the videos, but I don't have to worry about them being deleted.


    As a result, I'd need to have everything split, since I WANT HTPC to have read/write access to my "public" folder on my server. So I can't seem to have /media/UUID/storage shared out while keeping HTPC read only for /media/UUID/storage/pictures and having read-write for /media/UUID/storage/public. Perhaps ACL wise I can, but after some Googling I'm not sure I want to get into that. Maybe it's the answer, but I've read about enough issues to make me turn away from that.


    It's not so much that I would need to split my current data *structure*, it's just instead of having /media/UUID/storage as the share, I need to have everything underneath of it as its own separate share so I can individualize the permissions for each user/group accordingly. Unless there's a way, somewhere, I can simply tweak the RWX permissions from within the web GUI?


    The other confusing thing is it seems like I have to have the parent + the underlying directories shared. I created "storage" to get started as a shared folder, but I want everything to reside within "storage". Storage is the parent folder containing everything since I can't seem to figure out how to have Pictures Music Videos etc at the top level (which is fine, as I assume "storage" being the parent is the volume/mount point anyway). So within storage is music pictures public videos movies tv surveillance etc etc. So to have everything inside shared *separately*, it seems as if I need to do the following...


    1) Create a shared folder for /media/UUID/storage.
    2) Create a samba share for /media/UUID/storage.
    3) Log in to the samba share from a client, create more folders (music pictures videos etc)
    4) In OMV UI, create additional shared folders for music, pictures, videos, etc.


    Is that right?


    EDIT 2 - I seem to have stumbled across an option to allow me to create shared folders wherever I want, namely by that neat little magnifying glass option on the right side of the "path" field. That was confusing to me because when I went to type it in manually, it kept re-inserting itself. So if I'd erase storage, once I deleted the last character of the word storage, it would simply put it back. I didn't think this was changeable as a result. But in the magnifying glass, I can choose the full path. This makes more sense. I wanted to leave all of the brain dumping I did above in case any other users could benefit in a future search. :)


    The only catch is, how do I create folders on the drive to have them available to choose as a shared folder? Of course I can do it via CLI, but I'm trying to do this the OMV/web GUI way through and through first...

  • Take for example assigning a group in the smb.conf as a valid user, etc. Does that go for ACLs too?


    ACLs are an addition of the respective filesystem. All common filesystems support that. AuFS is one exception to that.


    All of this available in a straight up regular Linux install?


    Yes.


    We do see problems when people try to use privileges and acl together.


    I would say, people have problems with ACLs because they don't know how they work and they happen to lock up files, i.e. deny deletion in some cases.


    I have to authenticate for each samba share. But if each of my 12 "top level" storage folders are all shares, I have to authenticate against each one.


    This is just fine. You can have a hundred and auth to them with just one User.


    Perhaps there's a way to simply change the user/group and rwx settings on each "sub directory" within the main Samba share without having to drop to a shell and change it from there.


    I suggest you share each folder individually.


    I don't want my HTPC (which has a samba user, simply named HTPC) to have read/write access to the videos/pictures/music


    That is easy. Just create a user 'htpc' and give that user 'read' permissions for each share it should have access...


    As a result, I'd need to have everything split, since I WANT HTPC to have read/write access to my "public" folder on my server.


    ...and give the user 'htpc' read/write permissions for that folder.


    So I can't seem to have /media/UUID/storage shared out while keeping HTPC read only for /media/UUID/storage/pictures and having read-write for /media/UUID/storage/public. Perhaps ACL wise I can


    ACL could achieve the same.


    Maybe it's the answer, but I've read about enough issues to make me turn away from that.


    Good decision.


    Unless there's a way, somewhere, I can simply tweak the RWX permissions from within the web GUI?


    No need to tweak them. Just make them 2775 for all Folders and 0664 for all files (If you got omv-extras.org installed you can fix that on the second tab of the permissions page in the web interface) and set up your needed users. Everything done in under an hour and way easier than ACLs.


    If you need any assistance/guidance I can give you a hand via Teamviewer.


    Greetings
    David

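As an added example (not part of the original posts and not OMV's own code), this script audits a shared-folder tree against the 2775/0664 modes suggested above and can reset the entries that deviate; the `/media/<UUID>/storage` path is a placeholder and GNU find is assumed. Per-user read-only versus read/write access, such as the htpc case, is still set through the share privileges, not by these mode bits.

```shell
#!/usr/bin/env bash
# Added example: audit and normalise a shared-folder tree to the modes
# suggested in the thread (directories 2775, files 0664).
#   2775 = rwxrwsr-x: owner and group can write, others can read/traverse,
#          and setgid makes new entries inherit the directory's group.
#   0664 = rw-rw-r--: owner and group can write, others can only read.
# Requires GNU find (for -printf), as shipped with Debian.

# List every directory that is not exactly 2775 and every regular file
# that is not exactly 0664. Output: "<octal mode> <type> <path>".
audit_share_perms() {
    local root=$1
    find "$root" -xdev \
        \( -type d ! -perm 2775 -o -type f ! -perm 0664 \) \
        -printf '%m %y %p\n'
}

# Reset only the entries that deviate, so untouched files keep their ctime.
# Symlinks are not followed and are never passed to chmod.
fix_share_perms() {
    local root=$1
    find "$root" -xdev -type d ! -perm 2775 -exec chmod 2775 {} +
    find "$root" -xdev -type f ! -perm 0664 -exec chmod 0664 {} +
}

# Usage: script.sh audit|fix /media/<UUID>/storage   (path is a placeholder)
case "${1:-}" in
    audit) audit_share_perms "$2" ;;
    fix)   fix_share_perms "$2" ;;
esac
```
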
  • EDIT - Nevermind. I got it. I did not realize that creating a shared folder ALSO creates a folder associated with it if the folder in question does not exist. The problem is I'm on a 1080 laptop with a 14" screen, so I had zoomed in quite a bit to bring all of the text larger. In doing so, it crunched the notification that it would create a folder if it did not exist. So, I assumed it needed to exist prior to setting up a shared folder, and then, later a samba share.


    Kind of a derp move, but in the name of helping someone else out in the future, that's my update. Things look good now. I'll experiment with my test OMV server tonight a bit more.


    One last question - Is OMV basically straight Debian with OMV on top? Reason I ask is if I ever run into an application that I need to run on my server, it makes me wonder if I could just SSH in (just as I do with Ubuntu Server) and then install it from terminal (just as I do with Ubuntu Server) from there. I wasn't sure if OMV is a "customized" Debian at the core or if it's basically straight headless no GUI Debian with OMV goodies on top.


    Everybody - thanks for your quick and very helpful assistance. :)

  • 4) no, don't create them inside storage. create them on the disk directly like you did with storage.


    Quote

    I guess my thing is, since I cannot seem to create folders on the drive within OMV, I need to create a basic samba share first, mount it, create folders, then go back to OMV to share them out as specific shares. The alternative is to SSH in and do a bunch of mkdir's. Don't get me wrong, I know how to do that and I'm fine with that, but I just want to make sure that my strict "do it the OMV way via web UI" is the way I am indeed doing it and that I am not missing any key features within the web UI.


    You create folders when you create a shared folder.


    Greetings
    David


    PS: I can do a little introduction directly as I suggested before...

  • No worries. :) I'm not sure if you saw my edit or not since my edit time + your post time was nearly identical, but I think I'm good now. I really do appreciate your offer to remote in though. That says a lot about the community here. I just haven't been in a position to sit down, relax, and undertake something like that where I can sit down and focus since I've been running here, there, etc. (busy job + side job + wife and kiddo are both sick. yeah...).


    I would assume given that my folders are already set up on the disk array on my Ubuntu Server that I could slap the two 3TBs in an OMV box and it pick right up. I would just have to set up users and map the shares, etc. Should be easy at this point.

  • Yes, debian with goodies on top.


    Greetings
    David

  • Is that to say that I can pull the ownCloud repo directly from their openSUSE Build Service source and install ownCloud just like I would on a regular Debian/Ubuntu/etc install?


    Only reason I ask is I'm trying, and failing (just getting a 404), and going to bed, but I figured I'd ask if the above was possible before I invested too much more time tomorrow on something that I didn't know was flat out impossible. If this is possible then I'll get it figured out, just wanted to make sure!


    Thanks!

  • I guess that doesn't work because the normal owncloud installation relies on apache rather than nginx like we use it for OpenMediaVault.


    Greetings
    David

  • I installed apache and mysql but no dice. I'm not worried about it, I can either tweak it to run with nginx or figure out apache. Like I said just wanted to make sure that wasn't a known show stopper.


    Curious, how many developers work on OMV? Is it just Volker?
