Beiträge von johnnywoz

  • Odd behaviors

    I setup a new fresh install of OMV3 and added Netatalk plugin. I created a shared folder, set it's permissions and ACLs, and then added the folder to Apple Filing.


    ISSUES:

    • I am not able to browse the the shared folder (from 2 different macs) yet I can manually connect to it (cmd-k)
    • I started a copy of files from my computer to the shared folder and the copy halted

    In the syslog it says that the computer logged out, don't know why as i didn't touch the copy process


    root@omv3:/var/log# cat /etc/netatalk/afp.conf
    [Global]
    max connections = 20
    mac charset = MAC_ROMAN
    unix charset = LOCALE
    guest account = nobody
    uam list = uams_dhx.so,uams_dhx2.so
    save password = no
    [Keepers]
    path = /srv/dev-disk-by-id-md-name-omv3-DATA/Keepers
    read only = no
    unix priv = yes
    file perm = 0664
    directory perm = 0775
    umask = 0002
    invisible dots = no
    time machine = no
    valid users = "mini2" "woz" @"masters"
    invalid users =
    rolist =
    rwlist = "mini2" "woz" @"masters"
    [Backups]
    path = /srv/dev-disk-by-id-md-name-omv3-DATA/Backups
    read only = no
    unix priv = yes
    file perm = 0664
    directory perm = 0775
    umask = 0002
    invisible dots = no
    time machine = no
    valid users = "mini2" "woz" @"masters"
    invalid users =
    rolist =
    rwlist = "mini2" "woz" @"masters"


    root@omv3:/var/log# systemctl status netatalk
    ● netatalk.service - Netatalk AFP fileserver for Macintosh clients
    Loaded: loaded (/lib/systemd/system/netatalk.service; enabled)
    Active: active (running) since Mon 2017-07-17 13:13:34 CDT; 37min ago
    Docs: man:afp.conf(5)
    man:netatalk(8)
    man:afpd(8)
    man:cnid_metad(8)
    man:cnid_dbd(8)
    http://netatalk.sourceforge.net/
    Process: 3284 ExecStart=/usr/sbin/netatalk (code=exited, status=0/SUCCESS)
    Main PID: 3286 (netatalk)
    CGroup: /system.slice/netatalk.service
    ├─3286 /usr/sbin/netatalk
    ├─3287 /usr/sbin/afpd -d -F /etc/netatalk/afp.conf
    ├─3288 /usr/sbin/cnid_metad -d -F /etc/netatalk/afp.conf
    ├─3422 /usr/sbin/cnid_dbd -F /etc/netatalk/afp.conf -p /srv/dev-disk-by-id-md-name-omv3-DATA/Backups -t 8 ...
    ├─3423 /usr/sbin/cnid_dbd -F /etc/netatalk/afp.conf -p /srv/dev-disk-by-id-md-name-omv3-DATA/Keepers -t 9 ...
    └─3430 /usr/sbin/afpd -d -F /etc/netatalk/afp.conf



    Jul 17 13:13:34 omv3 afpd[3287]: Netatalk AFP/TCP listening on 10.0.10.210:548
    Jul 17 13:15:18 omv3 afpd[3421]: pam_unix(netatalk:session): session opened for user mini2 by (uid=0)
    Jul 17 13:15:18 omv3 afpd[3421]: Login by mini2 (AFP3.4)
    Jul 17 13:15:32 omv3 afpd[3430]: pam_unix(netatalk:session): session opened for user mini2 by (uid=0)
    Jul 17 13:15:32 omv3 afpd[3430]: Login by mini2 (AFP3.4)
    Jul 17 13:16:10 omv3 afpd[3421]: AFP logout by mini2
    Jul 17 13:16:10 omv3 afpd[3421]: dsi_stream_read: len:0, unexpected EOF
    Jul 17 13:16:10 omv3 afpd[3421]: afp_over_dsi: client logged out, terminating DSI session
    Jul 17 13:16:10 omv3 afpd[3421]: pam_unix(netatalk:session): session closed for user mini2
    Jul 17 13:16:10 omv3 afpd[3421]: PAM audit_log_acct_message() failed: Operation not permitted


    root@omv3:/var/log# netatalk -V
    netatalk 3.1.9 - Netatalk AFP server service controller daemon


    This program is free software; you can redistribute it and/or modify it under
    the terms of the GNU General Public License as published by the Free Software
    Foundation; either version 2 of the License, or (at your option) any later
    version. Please see the file COPYING for further information and details.


    netatalk has been compiled with support for these features:


    Spotlight support: No


    afpd: /usr/sbin/afpd
    cnid_metad: /usr/sbin/cnid_metad
    afp.conf: /etc/netatalk/afp.conf
    netatalk lock file: /var/lock/netatalk




    Please let me know what other details you need
    Thanks!

  • Access Denied by Server

    Just in case anyone else finds themselves in the same situation, I'd like to post the solution for getting this to work. And as mentioned by subzero79, this is related to running on Proxmox VM server.


    link to solution details


    While SSH'd into the local PVE node;
    First step is to mount the nfs share on the local PVE node; mount ip_nfs_server:/nfs_share /mnt/local_folder
    Second is to then bind the mount point to the LXC; pct set CONTAINER_ID -mpX /mnt/local_folder,mp=/path/inside/the/container


    Enjoy :)

  • Access Denied by Server

    Zitat von subzero79

    This has to do with lxc by itself with security constraints. I also use proxmox and i get the same output. You can mount in host node and use bind mount or relax the lxc settings.

    Thank you for that info, I looked into Proxmox docs and LXCs details and found those security details as you mentioned.


    I have been consolidating my numerous individual servers into a single VM server (Proxmox) and so have been learning alot along the way, just like this issue.

  • Access Denied by Server

    Zitat von subzero79

    Just check the syslog in Omv server when you attempt to mount from the client. Should have also an error. Also for now just delete the subnet restriction.

    Thanks, I should have mentioned that too, I had tried without the subnet also with same results. Checking syslog does not show any attempt to connect/reject a user. However, turning off and on the NFS services does show numerous errors.


    Anyhow, I am giving up as now my SMB/CIFS services are now hosed too. I no longer have access to those shares from any computer or with any user accounts. I tried removing and re-adding shares to no avail. I also tried removing and adding users, I'm just not able to connect to any shares.


    I guess my OMV installation is hosed.

  • Access Denied by Server

    I am absolutely banging my head on the keyboard and feeling like a complete noob trying to make nfs work for me.


    I am trying to share an NFS folder from OMV3 and connect to it from a Debian 8 LXC and am getting "mount.nfs: access denied by server while mounting ..."


    Some background; single server running Proxmox, OMV3 installed in Debian 8 VM (host), Debian 8 LXC (client) running app that needs access to NFS share. While logged into client (Debian8LXC) as root, I have tried to mount the nfs share using any of three below methods and am not able to gain access;

    • mount host:/folder /folder
    • mount host:/export/folder /folder
    • mount -o nfsvers=3 host:/export/folder /folder


    I am at a complete loss, any help is greatly appreciated. Please let me know what files/details I need to post.


    NOTES:
    I have tried to open up the NFS share as much as possible by adding more and more options;


    /etc/export
    # This configuration file is auto-generated.
    # WARNING: Do not edit this file, your changes will be lost.
    #
    # /etc/exports: the access control list for filesystems which may be exported
    # to NFS clients. See exports(5).
    /export/folder xx.xx.xx.xx/24(fsid=1,rw,sync,no_subtree_check,no_root_squash,insecure,all_squash,anongid=100)
    # NFSv4 - pseudo filesystem root
    /export xx.xx.xx.xx/24(ro,fsid=0,root_squash,no_subtree_check,hide


    I have also tried giving the "/export/folder/" 777 nobody:nogroup permissions.


    And yes, I installed nfs-common in the LXC.


    I have also tried to mount the NFS share from my MacBookPro, UID/GID matching to host, and get Permission denied.