Hello OMV Community, after A LOT of trial and error I try to get some help with getting my SMB to work, as Samba is driving me freaking INSANE!
(Is it normal, that this piece of **** software behaves like a diva?)
First of all my config:
I am using a Raspberry Pi 4B 8GB with the newest stable OMV5 installed on a 250GB USB 3.0 SSD on the newest stable Raspberry OS 32-bit (ARMv71). A 1 TB SSD for data is also plugged in and mounted. No MicroSD is involved or plugged in.
My drive structure is the following:
sda (250GB Sata SSD on USB 3.0)
sda1 boot partition
sda2 system partition
sda3 a bigger partition, mounted like any other drives partition for data, including the data in the share, I am trying to get to work
sdb (1TB Sata SSD on USB 3.0)
sdb1 another mounted data partition dedicated to my music collection
And these are my users and groups.
pi is the standard user I am using SSH with and is also the user that Plex uses to access files
samuel and samuelreadonly are my users, the last one is dedicated to scenarios where I expect other software to **** up my files while accessing it (did happen with a VMware drive, VMware deleted the entire virtual drive file, that gave me some bad time).
vivien, heike and marco are family members in my house, who are also going to use my pi-NAS.
These are my shares:
So what I want is, for example: I have a share, called “Cloud_Samuel”.
It should be accessible for the users samuel, samuelreadonly and also for pi.
I want samuel and pi to have full access (including execute), while samuelread should only have read and execute.
All other users should not have any access at all (also over NFS and FTP and everything possible else later), and the safer I can avoid them accessing my files, the better.
What I get is:
Directories:
The users get the correct rights but the group "users" does not get any rights (that's not the biggest problem, as my users can access it like I want, but it is still strange behaviour)
Files:
Created with a Linux (KDE) Client (different PC, not the raspberry) via SMB in dolphin:
All files get the correct and configured rights read and execute on samuel, samuelreadonly and pi.
samuel and pi also get write, but they don’t get full access and modify (which are also rights I want them to have), like the folders get.
The group “users” get the same rights as the user samuelreadonly, read and execute, which is correct.
Created with Windows 10:
Now the fun part starts, I don't have any clue what the hell is going on here.
The permissions depend on the file type (yes, you read that right), but not in any logical way.
So for example, if I create an rtf file, it will get the same permissions as the files I create with the Linux, which is the better scenario. There's still the weird thing with no modify or full access but at least it is, like I configured it in the ACL window in OMV.
But when I create a .txt or .bmp file, none of the users and also not the group "users" get the permission execute (which I want all files to have).
I mean what the hell is going on here. I tried like every option and scenario OMV 5 gives me, and this is the best I get. I don’t even know where I should start. Is it Windows or Samba's fault? Is OMV5 not able to configure Samba the way I want it to work or are my Unix-permissions broken?
Share information:
Share permissions:
Share ACL:
Samba Config:
Advanced Options:
min receivefile size = 16384
write cache size = 524288
getwd cache = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
admin users = root
Samba Share Config:
smb.conf:
# This file is auto-generated by openmediavault (https://www.openmediavault.org)
# WARNING: Do not edit this file, your changes will get lost.
#======================= Global Settings =======================
[global]
workgroup = WORKGROUP
server string = %h server
dns proxy = no
log level = 0
log file = /var/log/samba/log.%m
max log size = 1000
logging = syslog
panic action = /usr/share/samba/panic-action %d
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = no
unix password sync = no
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
guest account = nobody
load printers = no
disable spoolss = yes
printing = bsd
printcap name = /dev/null
unix extensions = yes
wide links = no
create mask = 0777
directory mask = 0777
use sendfile = yes
aio read size = 16384
aio write size = 16384
time server = no
wins support = no
multicast dns register = no
# Special configuration for Apple's Time Machine
fruit:aapl = yes
# Extra options
min receivefile size = 16384
write cache size = 524288
getwd cache = yes
socket options = TCP_NODELAY IPTOS_LOWDELAY
admin users = root
#======================= Share Definitions =======================
[Cloud_Vivien]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Vivien/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users =
invalid users =
read list =
write list =
[Cloud_Samuel]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Samuel/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users = "pi","samuel","samuelreadonly"
invalid users = "heike","marco","vivien"
read list = "samuelreadonly"
write list = "pi","samuel"
[Cloud_Heike]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Heike/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users =
invalid users =
read list =
write list =
[Cloud_Marco]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Marco/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users =
invalid users =
read list =
write list =
[Cloud_Familie]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Familie/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users =
invalid users =
read list =
write list =
[Samuel_Musik]
path = /srv/dev-disk-by-label-Musik/
guest ok = no
guest only = no
read only = no
browseable = yes
inherit acls = yes
inherit permissions = no
ea support = no
store dos attributes = no
vfs objects =
printable = no
create mask = 0664
force create mode = 0664
directory mask = 0775
force directory mode = 0775
hide special files = yes
follow symlinks = yes
hide dot files = no
valid users =
invalid users =
read list =
write list =
Let me know where I can find further information to give like logs and stuff, if needed.
Thanks in advance for any help on this.
SilverLPs
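
An added example, not part of the original post: a Python check that reads an smb.conf like the one above and reports, per share, whether `valid users` is empty (Samba then lets any authenticated account connect) and whether `create mask` / `force create mode` can ever leave an execute bit on a new file. The function names `audit` and `effective_mode` are hypothetical, the sample text is constructed from two of the posted share sections, and the check covers only the mask arithmetic documented in smb.conf(5), not what `inherit acls = yes` and default ACLs on the parent directory do afterwards.

```python
import configparser

# Constructed sample: two share sections trimmed from the smb.conf in the post.
SAMPLE = """\
[global]
create mask = 0777
directory mask = 0777

[Cloud_Vivien]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Vivien/
guest ok = no
create mask = 0664
force create mode = 0664
valid users =

[Cloud_Samuel]
path = /srv/dev-disk-by-label-DatenMain/Cloud/Cloud_Samuel/
guest ok = no
create mask = 0664
force create mode = 0664
valid users = "pi","samuel","samuelreadonly"
"""

EMPTY_USERS = "valid users empty: any authenticated account may connect"
NO_EXEC = "create mask/force create mode leave no execute bit on new files"

def effective_mode(requested, create_mask, force_create_mode):
    """smb.conf(5): the mapped mode is ANDed with create mask, then ORed with force create mode."""
    return (requested & create_mask) | force_create_mode

def audit(conf_text):
    """Return {share name: [findings]} for every non-global section."""
    # strict=False tolerates repeated keys; interpolation=None keeps %h, %m literal.
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(conf_text)
    findings = {}
    for share in cp.sections():
        if share == "global":
            continue
        sec, notes = cp[share], []
        users = [u.strip().strip('"') for u in sec.get("valid users", "").split(",") if u.strip()]
        if not users:
            notes.append(EMPTY_USERS)
        mask = int(sec.get("create mask", "0744"), 8)        # Samba default 0744
        force = int(sec.get("force create mode", "0000"), 8)  # Samba default 0000
        if effective_mode(0o777, mask, force) & 0o111 == 0:
            notes.append(NO_EXEC)
        findings[share] = notes
    return findings
```

Run `audit()` on the full generated file to list every share that still has an empty `valid users` line; filesystem permissions and ACLs on the share path apply in addition to what Samba allows.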