No Permission to read Shares

    • OMV 4.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • No Permission to read Shares

      Hi,

      I am Using OMV 4.1.31.-1 (Arrakis). I can connect to my SMB share but I cannot access its content.

      In Windows 10 I'm connecting with Map network drive via \\192.168.178.100\Sharetest or \\omvnas\Sharetest. If I provide a wrong password, the drive won't be added. However, with the correct password the drive will be mapped but I cannot open it, it's a "Permission denied" error. From Xubuntu Live I tried something like mount -t cifs -o ver=3.11,user=user1 ... but I get cifs_mount failed w/return code = -13

      What I have checked so far:
      • Create user1 in groups: user1, users, sambashare
      • Access Rights Management > Shared Folders: Add "Sharetest"
        • Permissions: Everyone: read/write
        • Privileges: Read/Write for user user1 and group user1
        • Tried with and without ACLs
      • Services > SMB/CIFS > Settings:
        • Enable
        • Workgroup: WORKGROUP
        • Local master browser OFF
        • Home directories: OFF
        • Browseable: ON
        • WINS support OFF
        • Use sendfile: ON
      • Services > SMB/CIFS > Shares:
        • Sharetest
        • Public: Guests allowed
        • Browseable ON
        • Inherit ACLs ON
      • Changed file permissions:
        • chown -R user1:users /srv/dev-disk-by-label-nasdrive/Sharetest (tried with and without this)
        • chmod -R 777 /srv/dev-disk-by-label-nasdrive/Sharetest (tried with and without this)
      • File permissions of /srv/dev-disk-by-label-nasdrive/Sharetest:

        Shell-Script: ls -la

        1. root@omvnas:/srv/dev-disk-by-label-nasdrive/Sharetest #
        2. drwxrwsrwx 4 user1 users 4.0K Jan 25 01:14 .
        3. drwxrws--- 14 root root 4.0K Jan 23 22:25 ..
        4. drwxrwsrwx 2 user1 users 4.0K Jan 24 23:17 MyFolder
        5. root@omvnas:/sharedfolders/Sharetest #
        6. drwxrwsrwx 4 user1 users 4.0K Jan 25 01:14 .
        7. drwxr-xr-x 4 root root 4.0K Jan 24 00:07 ..
        8. drwxrwsrwx 2 user1 users 4.0K Jan 24 23:17 MyFolder

        As you can see I have setgid set, but is doesn't seem to change anything.


      Shell-Script: /etc/samba/smb.conf

      1. #======================= Global Settings =======================
      2. [global]
      3. workgroup = WORKGROUP
      4. server string = %h server
      5. dns proxy = no
      6. log level = 10
      7. log file = /var/log/samba/log.%m
      8. max log size = 1000
      9. logging = syslog
      10. panic action = /usr/share/samba/panic-action %d
      11. encrypt passwords = true
      12. passdb backend = tdbsam
      13. obey pam restrictions = no
      14. unix password sync = no
      15. passwd program = /usr/bin/passwd %u
      16. passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
      17. pam password change = yes
      18. socket options = TCP_NODELAY IPTOS_LOWDELAY
      19. guest account = nobody
      20. load printers = no
      21. disable spoolss = yes
      22. printing = bsd
      23. printcap name = /dev/null
      24. unix extensions = yes
      25. wide links = no
      26. create mask = 0777
      27. directory mask = 0777
      28. map to guest = Bad User
      29. use sendfile = yes
      30. local master = no
      31. time server = no
      32. wins support = no
      33. #======================= Share Definitions =======================
      34. [Sharetest]
      35. comment = Sharetest
      36. path = /srv/dev-disk-by-label-nasdrive/Sharetest
      37. guest ok = yes
      38. read only = no
      39. browseable = yes
      40. inherit acls = yes
      41. inherit permissions = yes
      42. ea support = no
      43. store dos attributes = no
      44. vfs objects =
      45. printable = no
      46. create mask = 0664
      47. force create mode = 0664
      48. directory mask = 0775
      49. force directory mode = 0775
      50. hide special files = yes
      51. follow symlinks = yes
      52. hide dot files = no
      53. read list =
      54. write list = "user1",@"user1"
      Display All



      Source Code

      1. Jan 25 01:24:59 omvnas nmbd[19559]: [2020/01/25 01:24:59.040304, 4, pid=19559, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_workgroupdb.c:165(find_workgroup_on_subnet)
      2. Jan 25 01:24:59 omvnas nmbd[19559]: find_workgroup_on_subnet: workgroup search for WORKGROUP on subnet 192.168.178.100: found.
      3. Jan 25 01:24:59 omvnas nmbd[19559]: [2020/01/25 01:24:59.040469, 10, pid=19559, effective(0, 0), real(0, 0)] ../source3/nmbd/nmbd_sendannounce.c:376(announce_myself_to_domain_master_browser)
      4. Jan 25 01:24:59 omvnas nmbd[19559]: announce_myself_to_domain_master_browser: no unicast subnet, ignoring.


      I accidentally created an aquota.group and aquota.user file in /srv/dev-disk-by-label-nasdrive via the UI but there isn't any active quota set.

      With debian from WSL I see:

      Source Code

      1. root@Desktop:~# smbclient -L //omvnas -U user1
      2. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      3. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      4. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      5. Enter WORKGROUP\user1's password:
      6. Sharename Type Comment
      7. --------- ---- -------
      8. Sharetest Disk Sharetest
      9. IPC$ IPC IPC Service (omvnas server)
      10. Reconnecting with SMB1 for workgroup listing.
      11. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      12. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      13. tdb(/var/run/samba/gencache_notrans.tdb): tdb_open_ex: tdb_new_database failed for /var/run/samba/gencache_notrans.tdb: Operation not permitted
      14. Server Comment
      15. --------- -------
      16. Workgroup Master
      17. --------- -------
      18. WORKGROUP
      19. root@Desktop:~$ smbclient //omvnas/Sharetest -U user1
      20. Unable to initialize messaging context
      21. Enter WORKGROUP\user1's password:
      22. Try "help" to get a list of possible commands.
      23. smb: \> ls
      24. NT_STATUS_ACCESS_DENIED listing \*
      25. smb: \>
      Display All


      gencache_notrans seems to be a known bug in WSL1.

      What am I missing here? Could anybody please provide their output of the commands I used above? Like smbclient //omvnas/Sharetest -U user1. What else can I check?

      The post was edited 1 time, last by Fractal ().

    • I just found it.

      I had to set the group of the disk to users with chgrp users /srv/dev-disk-by-label-nasdrive

      drwxrws--- 14 root root 4.0K Jan 23 22:25 dev-disk-by-label-nasdrive (before)
      drwxrws--- 14 root users 4.0K Jan 23 22:25 dev-disk-by-label-nasdrive (after)

      Is this a bad idea? Any concerns regarding security or stability? Would it be better to set

      drwxrwsr-x 14 root root 4.0K Jan 23 22:25 dev-disk-by-label-nasdrive instead?

      The post was edited 4 times, last by Fractal ().