Posts by dmkjr

    ryecoaaron Just providing a quick update. I've spent a few hours this evening in going through the SMB config. I have removed all of the added attributes (especially from the global area) and nothing seems to help. There must be something else, outside of the SMB config that is at play here. Open for suggestions. I know this is kind of an edge case, but it's been a fun trip.


    I was able to mount a share which shows as 1PB on Windows through a VM which has the S3 storage mount. Kinda neat. Thx!

    This is from default samba. Disclaimer: I didn't remove all of the comments from the default samba.


    [global]

    ## Browsing/Identification ###

    # Change this to the workgroup/NT-domain name your Samba server will part of

    workgroup = WORKGROUP

    # server string is the equivalent of the NT Description field

    server string = %h server (Samba, Ubuntu)

    #### Networking ####

    # The specific set of interfaces / networks to bind to

    # This can be either the interface name or an IP address/netmask;

    # interface names are normally preferred

    ; interfaces = 127.0.0.0/8 eth0

    # Only bind to the named interfaces and/or networks; you must use the

    # 'interfaces' option above to use this.

    # It is recommended that you enable this feature if your Samba machine is

    # not protected by a firewall or is a firewall itself. However, this

    # option cannot handle dynamic or non-broadcast interfaces correctly.

    ; bind interfaces only = yes

    #### Debugging/Accounting ####

    # This tells Samba to use a separate log file for each machine

    # that connects

    log file = /var/log/samba/log.%m

    # Cap the size of the individual log files (in KiB).

    max log size = 1000

    # We want Samba to only log to /var/log/samba/log.{smbd,nmbd}.

    # Append syslog@1 if you want important messages to be sent to syslog too.

    logging = file

    # Do something sensible when Samba crashes: mail the admin a backtrace

    panic action = /usr/share/samba/panic-action %d

    ####### Authentication #######

    # Server role. Defines in which mode Samba will operate. Possible

    # values are "standalone server", "member server", "classic primary

    # domain controller", "classic backup domain controller", "active

    # directory domain controller".

    #

    # Most people will want "standalone server" or "member server".

    # Running as "active directory domain controller" will require first

    # running "samba-tool domain provision" to wipe databases and create a

    # new domain.

    server role = standalone server

    obey pam restrictions = yes

    # This boolean parameter controls whether Samba attempts to sync the Unix

    # password with the SMB password when the encrypted SMB password in the

    # passdb is changed.

    unix password sync = yes

    # For Unix password sync to work on a Debian GNU/Linux system, the following

    # parameters must be set (thanks to Ian Kahan <<kahan@informatik.tu-muenchen.de> for

    # sending the correct chat script for the passwd program in Debian Sarge).

    passwd program = /usr/bin/passwd %u

    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

    # This boolean controls whether PAM will be used for password changes

    # when requested by an SMB client instead of the program listed in

    # 'passwd program'. The default is 'no'.

    pam password change = yes

    # This option controls how unsuccessful authentication attempts are mapped

    # to anonymous connections

    map to guest = bad user

    ########## Domains ###########

    #

    # The following settings only takes effect if 'server role = primary

    # classic domain controller', 'server role = backup domain controller'

    # or 'domain logons' is set

    #

    # It specifies the location of the user's

    # profile directory from the client point of view) The following

    # required a [profiles] share to be setup on the samba server (see

    # below)

    ; logon path = \\%N\profiles\%U

    # Another common choice is storing the profile in the user's home directory

    # (this is Samba's default)

    # logon path = \\%N\%U\profile

    # The following setting only takes effect if 'domain logons' is set

    # It specifies the location of a user's home directory (from the client

    # point of view)

    ; logon drive = H:

    # logon home = \\%N\%U

    # The following setting only takes effect if 'domain logons' is set

    # It specifies the script to run during logon. The script must be stored

    # in the [netlogon] share

    # NOTE: Must be store in 'DOS' file format convention

    ; logon script = logon.cmd

    # This allows Unix users to be created on the domain controller via the SAMR

    # RPC pipe. The example command creates a user account with a disabled Unix

    # password; please adapt to your needs

    ; add user script = /usr/sbin/adduser --quiet --disabled-password --gecos "" %u

    # This allows machine accounts to be created on the domain controller via the

    # SAMR RPC pipe.

    # The following assumes a "machines" group exists on the system

    ; add machine script = /usr/sbin/useradd -g machines -c "%u machine account" -d /var/lib/samba -s /bin/false %u

    # This allows Unix groups to be created on the domain controller via the SAMR

    # RPC pipe.

    ; add group script = /usr/sbin/addgroup --force-badname %g

    ############ Misc ############

    # Using the following line enables you to customise your configuration

    # on a per machine basis. The %m gets replaced with the netbios name

    # of the machine that is connecting

    ; include = /home/samba/etc/smb.conf.%m

    # Some defaults for winbind (make sure you're not using the ranges

    # for something else.)

    ; idmap config * : backend = tdb

    ; idmap config * : range = 3000-7999

    ; idmap config YOURDOMAINHERE : backend = tdb

    ; idmap config YOURDOMAINHERE : range = 100000-999999

    ; template shell = /bin/bash

    # Setup usershare options to enable non-root users to share folders

    # with the net usershare command.

    # Maximum number of usershare. 0 means that usershare is disabled.

    # usershare max shares = 100

    # Allow users who've been granted usershare privileges to create

    # public shares, not just authenticated ones

    usershare allow guests = yes

    #======================= Share Definitions =======================

    # Un-comment the following (and tweak the other settings below to suit)

    # to enable the default home directory shares. This will share each

    # user's home directory as \\server\username

    ;[homes]

    ; comment = Home Directories

    ; browseable = no

    # By default, the home directories are exported read-only. Change the

    # next parameter to 'no' if you want to be able to write to them.

    ; read only = yes

    # File creation mask is set to 0700 for security reasons. If you want to

    # create files with group=rw permissions, set next parameter to 0775.

    ; create mask = 0700

    # Directory creation mask is set to 0700 for security reasons. If you want to

    # create dirs. with group=rw permissions, set next parameter to 0775.

    ; directory mask = 0700

    # By default, \\server\username shares can be connected to by anyone

    # with access to the samba server.

    # Un-comment the following parameter to make sure that only "username"

    # can connect to \\server\username

    # This might need tweaking when using external authentication schemes

    ; valid users = %S

    # Un-comment the following and create the netlogon directory for Domain Logons

    # (you need to configure Samba to act as a domain controller too.)

    ;[netlogon]

    ; comment = Network Logon Service

    ; path = /home/samba/netlogon

    ; guest ok = yes

    ; read only = yes

    # Un-comment the following and create the profiles directory to store

    # users profiles (see the "logon path" option above)

    # (you need to configure Samba to act as a domain controller too.)

    # The path below should be writable by all users so that their

    # profile directory may be created the first time they log on

    ;[profiles]

    ; comment = Users profiles

    ; path = /home/samba/profiles

    ; guest ok = no

    ; browseable = no

    ; create mask = 0600

    ; directory mask = 0700

    [printers]

    comment = All Printers

    browseable = no

    path = /var/spool/samba

    printable = yes

    guest ok = no

    read only = yes

    create mask = 0700

    # Windows clients look for this share name as a source of downloadable

    # printer drivers

    [print$]

    comment = Printer Drivers

    path = /var/lib/samba/printers

    browseable = yes

    read only = yes

    guest ok = no

    # Uncomment to allow remote administration of Windows print drivers.

    # You may need to replace 'lpadmin' with the name of the group your

    # admin users are members of.

    # Please note that you also need to set appropriate Unix permissions

    # to the drivers directory for these users to have write rights in it

    ; write list = root, @lpadmin

    [share]

    comment = I like to make shares

    path = /home/dmkjr/share

    read only = no

    browsable = yes


    To recap. It works on direct smb. I have file permission issues with OMV when mounted using rclone and then mapping the drive to a Windows PC.

    Did you compare the differences with the OMV created smb.conf and the Ubuntu smb.conf?

    Comparing now. Here is what I got.


    [global]

    workgroup = WORKGROUP

    server string = %h server

    dns proxy = no

    log level = 1

    log file = /var/log/samba/log.%m

    max log size = 1000

    logging = syslog

    panic action = /usr/share/samba/panic-action %d

    encrypt passwords = true

    passdb backend = tdbsam

    obey pam restrictions = no

    unix password sync = no

    passwd program = /usr/bin/passwd %u

    passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .

    pam password change = yes

    socket options = TCP_NODELAY IPTOS_LOWDELAY

    guest account = nobody

    load printers = no

    disable spoolss = yes

    printing = bsd

    printcap name = /dev/null

    unix extensions = yes

    wide links = no

    create mask = 0777

    directory mask = 0777

    use sendfile = yes

    aio read size = 16384

    aio write size = 16384

    time server = no

    wins support = no

    multicast dns register = no

    # Special configuration for Apple's Time Machine

    fruit:aapl = yes

    # Extra options

    min receivefile size = 16384

    getwd cache = yes

    #======================= Share Definitions =======================

    [fileStorage]

    path = /srv/dev-disk-by-uuid-4a7edec1-74f2-481d-ae6d-bed0a67fc677/fileStorage/

    guest ok = no

    guest only = no

    read only = no

    browseable = yes

    inherit acls = no

    inherit permissions = no

    ea support = no

    store dos attributes = no

    vfs objects =

    printable = no

    create mask = 0664

    force create mode = 0664

    directory mask = 0775

    force directory mode = 0775

    hide special files = yes

    follow symlinks = yes

    hide dot files = yes

    valid users = "dmkjr",@"sftp-access"

    invalid users =

    read list =

    write list = "dmkjr",@"sftp-access"

    [files]

    path = /srv/dev-disk-by-uuid-4a7edec1-74f2-481d-ae6d-bed0a67fc677/files/

    guest ok = no

    guest only = no

    read only = no

    browseable = yes

    inherit acls = no

    inherit permissions = no

    ea support = no

    store dos attributes = no

    vfs objects =

    printable = no

    create mask = 0664

    force create mode = 0664

    directory mask = 0775

    force directory mode = 0775

    hide special files = yes

    follow symlinks = yes

    hide dot files = yes

    valid users = "pi","dmkjr",@"pi",@"Users"

    invalid users =

    read list =

    write list = "pi","dmkjr",@"pi",@"Users"

    [filepro]

    path = /srv/dev-disk-by-uuid-4a7edec1-74f2-481d-ae6d-bed0a67fc67/filepro/

    guest ok = no

    guest only = no

    read only = no

    browseable = yes

    inherit acls = no

    inherit permissions = no

    ea support = no

    store dos attributes = no

    vfs objects =

    printable = no

    create mask = 0664

    force create mode = 0664

    directory mask = 0775

    force directory mode = 0775

    hide special files = yes

    follow symlinks = yes

    hide dot files = yes

    valid users = "pi","dmkjr",@"pi",@"Users"

    invalid users =

    read list =

    write list = "pi","dmkjr",@"pi",@"Users"

    That is from OMV.

    Use the resetperms-plugin to reset the permissions of the shared folders pointing at the rclone mount point.

    macom Sorry it took me awhile to get back to this today. I tried the plugin, no dice. My idea works with the mount, just something with OMV is not liking it. I'm not 100% sure if it's OMV or if it's rclone mount and then the SMB share mounted to Windows and the permissions do not traverse the correct way. The "owner" permissions are derived from the user that actually runs the mount. However, I cannot get any other credentials to the shared folder (even after using the reset permissions plugin).


    Any ideas? I'm open ears.

    macom So after some more playing around with this, I can confirm the method just doesn't like OMV.


    I have created a new Ubuntu VM and created a samba share manually, with rclone mount and it worked as expected. There is something with the OMV configuration it doesn't like. Perhaps the default samba.conf is conflicting somehow? I'm not familiar enough with the backend workings of samba to troubleshoot further but would be willing to give it the good college try if someone more knowledgable than me can assist.


    In a nutshell OMV is not passing along the permissions. I have attempted to edit the ACL but it will not allow me to edit the ACL when the rclone mount function is active. As soon as I disconnect the samba share, I can then edit the ACL again without issue.

    Good afternoon. I am trying to mount storage (Amazon S3) to OMV using rclone mount. When we mount a shared drive we can run a ../../filepathhere/ ls and it prints the list of files from our mounted shared drive. This works fine.


    However, now I want to create a shared drive in OMV so we can connect our Windows based machines (map drive) to the cloud server through OMV. Essentially we are going to be connecting our remote storage locations to the OMV instance and then connecting each client to the OMV instance.


    The problem comes in when accessing the shared folder. \\10.10.10.10\files (works when the rclone mount function is not running. As soon as you attempt to access the shared folder while it's running, it provides an error about not being able to connect.


    Any ideas? Simpler method to accomplish what I'm trying to do?


    (you'll notice screenshot shows "sk-media" or something similar. I started over from scratch and used /files instead)

    Check permissions of that folder. Users created in OMV are by default members of the users group. So group of that folder should be "users". And you need to give privileges for that folder to the user that is accessing it.

    Permissions looked good. Here is what I have. It's not showing "rootfs" anymore and showing maindrive.


    Inside that drive , /sk-files is the mount location from S3.

    Because you have to select a filesystem, you only have to select the relative path on that filesystem.


    You can use the little tree icon on the right side to browse your filesystem.

    macom I feel like I'm getting closer. SMB still isn't liking it. See attached. Thanks for the help.

    the remotemount plugin doesn't support s3 anyway.


    If you install the sharerootfs plugin, you will be able to create sharedfolders from the path you have rclone mounted on.

    Thank you. That is a good idea to make it happen. Where is the plugin settings? I have it installed, but do not see where it allows me to create a sharedfolder without selecting the disk I'm putting it on.

    I know that the remotefs plugin isn't available yet for OMV6.X and I'm not even beginning to ask for an ETA. I have mounted one of our buckets using 'rclone' and it's working fine. However, I'm stuck at making the /mnt/test-folder/ appear as a disk to OMV. Any ideas?


    Thanks!

    Nope. Just mount it once you have reinstalled.


    Not at this point. Struggling enough with the plugins as it is.

    no worries. Thanks for the help today. I have reinstalled, fresh, and now I see the 6.x plugins. Cheers!

    There are a few problems here:

    • I haven't done a single OMV 5.x to 6.x upgrade
    • The omvextras 5.x plugin doesn't have any code to do anything when running omv-release-upgrade
    • Upgrading is not recommended for RPi - omv 6.x on rpi
    • omv 6.x is a release candidate but the omv-extras plugins are at best beta.

    I'm not saying I won't fix it but spending time on weird upgrade issues is just delaying me from finishing the plugins and then looking at upgrades.

    I don't really have a problem in reinstalling 6.0 on the RPI. On that topic, I have an external HD connected via USB. That is the primary target of data storage (mostly FTP connections dumping PBX information). Would I need to offload that data to another source, add the hard drive and then move the data back?


    Would you like any information from my device to perhaps fix the upgrade process in the future should I format and start over? Thanks.