Beiträge von SoaringPingu

Solved!
Thanks again bump and subzero79 for pointing me in the right direction. I was close, but I was thwarted by the one missing privilege of 'matback' in the ACL for the drive itself. I was also thrown by the fact that I thought I had reset the ACL permissions, but I had just clicked the "save" icon, and in my tiredness I didn't think that the "reset permissions" button was actually a button... Well, now I know

So, to conclude and answer some of my own questions for reference to others (anyone can feel free to correct if I have got it wrong
ACL's trump the standard (posix?) permissions. In my case, a missing ACL permission on the parent folder of the home directory for a user prevented access to the SSH home directory, even though the user had the proper ACL rights to the home directory and was a member of the "users" group, which had the right permissions in the base permissions. resetting the ACL on the parent directory made it all work as intended.

When using ACL's, the user must have the proper permissions on all parent folders to access a sub folder. (as shown above)

This would be the reason for not sharing the root directory (recommended not to do so in many places). I only shared it once to set up the folder structure of my other shares. The ACL's got set, and then after removing that share and adding a new user, that new user couldn't access the shares. I had to re-share the root to remove all ACL's, using omv-extras, and then remove the share once more.

Resources to sort out permissions issues (besides the help from the forum
omv-extras use to reset ACL permissions. If you share the root to remove permissions, don't have that share selected in the permissions reset tab as that will mark it as referenced, and as such the system will not let you delete that share.

tree -L 2 -gudp /media/
This will list the "group and user permissions for directories only, two directory levels down from the /media/ folder. (Not ACL permissions). Install with apt-get install tree. I found out about this from here: Permissions denied. Cannot understand why. (from subzero79)

getfacl -p /media/ this command will list all the ACL permissions on the given directory. Other parameters will allow to list for subb directories and files etc. Can be used with "> permissions.txt" to get it in a text file, then one can use 'diff' on two of the to compare quickly. there can a very long list of ACL permissions in there. I found the tool from here:
How to I Document User Rights on an existing Linux System?

After two days of researching and looking at every detail of my permissions, I still missed one, and that was the crucial one. Lot's of Linux learning and thanks once more to the community for helping out!

//mattias

Thanks for the replies, bump and subzero79
I ended up playing with the ACL's when other things didn't work. Going through them I have set them up identical for both users. I didn't know about the execute flag and "cd", so that was a good learning point
I will reset and remove all ACL's, but before I do that, here is the settings for the parent folders...

/media/
# file: /media/
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

/media/947..../
# file: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/
# owner: root
# group: users
# flags: -s-
user::rw-
user:openmediavault:rwx
user:mattias:rwx
group::rw-
group:sambashare:rwx
group:openmediavault:rwx
mask::rwx
other::rw-
default:user::rw-
default:user:openmediavault:rwx
default:user:mattias:rwx
default:group::rw-
default:group:sambashare:rwx
default:group:openmediavault:rwx
default:mask::rwx
default:other::rw-

in the /meda/947.../home/ the ACL permisssions are again the same for 'mattias' and 'matback', so the only difference is on the drive itself.

...and I am guessing this is where the issue lies...
So, if this is the case, then does this mean that if there are ACL permissions set, then they override the basic ones?
the basic ones for the directories above are
├── [drwxr-xr-x root root ] media
│ ├── [drw-rwsrw- root users ] 9475cd71-9789-44f8-a1e6-5b6c4d9a3352
| | ├── [drwxrwsr-x root users ] home

So, my understanding is that with those permissions, both users should have the same access as neither owns the directories in question, but both are in the 'users' group. Is this correct?

If I forgo the ACL permissions, is it still possible to set different access levels for different people? I can set my self as the owner of a movie directory with full rights, but then could I set it, using groups, so that my wife can write to it and my daughter can't as an example? My understanding is that I can't set it up that way as I can only have one group in the basic permissions system, or is this poor understanding on my behalf?
Or, is the answer to have guest access which doesn't use a login, and then anyone there becomes "Other/Everyone" and has read access and execute for directory traversing, but if the person logs in, then they are now part of the "users" group and can have read and write access... Would that be the way forward?

Oh, one final thing with traversing...
Assuming that everything is set up properly, if I say the home directory for a user is, /media/drive/home/user, does that user have to have execute rights, i.e. traversing, on the directories below the user directory to be able to access it using ssh (as an example), or is the execute right only required if the person is logged in to '/' say, and want to "cd /media/drive/home/user"?

Thanks again for a quick and helpful reply!

(and now, I shall start from scratch anyway and try to make it all better

Hi all,
I was determined to solve it myself and learn along the way, but after two full days I have to admit defeat...

This is what I have studied so far...
Assistance/advice with setup - permissions! - I haven't tried this yet as I am determined that I should be able to make it work anyway (but I could be wrong)
Permissions denied. Cannot understand why. - different problem, but I found out about the 'tree' command
Permission issues - This one could have something to do with it as I am using ACL permissions, as far as I can tell, but they are set exactly the same for both users, so still don't explain why one works and the other one doesn't. Also I still feel the normal permissions are set right...
How to make a good Media share for Emby and PlexMediaServer - read this one and removed my root share (I haven't used that one since setting up directory structure) and installed omv-extras.
I have also read another sixor so on permissions topics, but this is getting a bit distracting

I am having permission issues in various places, but I will focus on one here and hopefully the cause is the same for all
So, I have two users, 'mattias' and 'matback'. The plan is to have matback deal with backups (backing up other systems onto the OMV drive) only and mattias to have general and admin access to all other shares.
One place where the issues present them selves is in the /home directory on my attached drive (software raid). The user 'mattias' can access /home/mattias' and /home/matback' whereas the user 'matback' can't access either... I can't see what is wrong here...

here is the tree structure and the relevant folder permissions:

matback@omv:/$ sudo tree -L 2 -gupd /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home 
/media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home
├── [drwxrwsr-- matback  users   ]  matback
└── [drwxrwsr-- mattias  users   ]  mattias

Both users are members of the same groups:

matback@omv:/$ groups matback
matback : users sudo ssh
matback@omv:/$ groups mattias
mattias : users sudo ssh

...and to complete the picture, if I run getfacl for matback and mattias and compare the outputs, then the only differences are the folder names and who owns them...

diff mattias2.list matback2.list 
1,2c1,2
< # file: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/mattias/
< # owner: mattias
---
> # file: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/matback/
> # owner: matback

As a reference, here is the full output of the 'mattias2.list' one:

# file: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/mattias
# owner: mattias
# group: users
# flags: -s-
user::rwx
user:openmediavault:rwx
user:mattias:rwx
user:matback:rwx
group::rw-
group:sambashare:rwx
group:openmediavault:rwx
mask::rwx
other::r--
default:user::rwx
default:user:openmediavault:rwx
default:user:mattias:rwx
default:user:matback:rwx
default:group::rw-
default:group:sambashare:rwx
default:group:openmediavault:rwx
default:mask::rwx
default:other::r--

so, why I get this ssh-ing as mattias (all good):

mattias@omv:/media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352$ cd home/mattias/
mattias@omv:~$  <Note this is the configured home dir for mattias>
mattias@omv:/media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home$ cd matback/
mattias@omv:/media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/matback$

...and with matback (Permission denied as far as the eye can see):

matback@omv:/$ cd /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/mattias
-bash: cd: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/mattias: Permission denied
matback@omv:/$ cd /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/matback
-bash: cd: /media/9475cd71-9789-44f8-a1e6-5b6c4d9a3352/home/matback: Permission denied
matback@omv:/$

Both users were created through the omv web interface.
I am really at a loss here... I am a reasonably fresh Linux user, but I have used OMV and FreeNAS before for many years as well as running an ownCloud server, so I know my way around a little bit.

Can someone help point out the (hopefully) obvious mistake I am making here

If I can provide more information that might be useful, please ask, and I will be happy to oblige.

//mattias

Hi david2k and tekkbebe,
I haven't had a chance to try and rule out equipment, but it appears that the trend is the same on any of the three systems I use. Writing to the OMV machine is good, reading is bad. Yes the gigabit laptop is much faster, but it is still slow reading data.
Also, just so we are talking the same language, my numbers are all in MByte/s. (as far as I can tell anyway ) I'll see what tests I can get in this weekend.

tekkbebe, I haven't heard about the OMV extras, I'll check it out and see what comes of that. Thanks

Cheers!

Me again,
I did some more tests with my laptop, which has GBit NIC in it, and with interesting results.

Writing the same file as in my original post to the OMV machine: 50-60MB/s. Could be better I believe, but more than adequate for my needs.
Reading the same file from the OMV machine: 16-21MB/s.
This was done using Samba.

2 things I find odd here..
1. as with my 100Mbit PC, the read speed is significantly slower than writing. This ties in to my original question... Why is this? Why aren't they similar? Everything is the same except the direction of the data...
2. The OMV machine, despite being a lot slower when being read from, can obviously provide data at 16-21MB/s over the hardware / switch/ links, so why with my 100MBit machines do I only get 0.1-5MBit? (see my original post)

I would be very grateful for any ideas! I might have stuffed up some settings somewhere, but I am only to happy to be told that, as long as I am also told what to do to fix it
I have reached the end of my networking knowledge

Ps. is there some good tool for analyzing networks out there? (Things like speeds, packet failure rates etc.)

Cheers

Thanks for your reply davidh2k.
I have only just had the time to look into things.

1. HDD speed. I tried the dd command and got the following: "4023820288 bytes (4.0 GB) copied, 116.138 s, 34.6 MB/s" Not lightning, but should be watchable

2. using the file manager in OpenELEC I copied the same file (the start of it) to a Transcend JetFlash(?) 16GB USB3 stick that is the system "drive" for the Pi. The read speed for SAMBA was topping out briefly at 1.2MB/s, mostly hovering at 1.1MB/s. Then I tried NFS which I am using on the Pi, and I got 2.2MB/s. Both are really disappointing in my humble opinion.

Just a note here, I have just mounted the NFS drives via the GUI, so not tuned in any way yet.

I will try with my laptop tomorrow, which has a GBit NIC on it as I am curious to see how high it will go when writing, but I guess I am mostly surprised that it will saturate the 100MBit link when writing to the OMV system, but then get between 10% and 20% of that when reading the same file over the same network.

Any other thoughts, as a GBit NIC is out of the question for the Pi, even if it does prove faster. Surely one should be able to read and write at similar speeds??

Cheers

Hi,
After many years with FreeNas I have now made the switch to OMV. I am having one issue that is preventing me using it to serve media to my Raspberry Pi and PC for viewing.
The testing I have done, I have done on my Windows 8.1 PC, but the symptoms are the same on both the PC and my RaspberryPi, which is running OpenELEC, 4.0.3 (It think)

My setups:
OMV is on an Intel Atom DN2800MT with 4GB ram, running OMV version 0.5.49, 1Gbit on-board NIC, using SAMBA and NFS (SAMBA for these tests
PC Old DELL with Windows 8.1, 4GB Ram, 10/100Mbit on-board NIC
Raspberry Pi model B, standard, wired network, OpenELEC 4.0.3 (or whatever the latest version is
Switch is a D-LINK DGS-1224T 24 port Gigabit switch. As far as I know I haven't made any untoward settings in it.

The symptoms.
I can write ISO file x from my PC to the OMV while saturating the link at 11MB/s (it is a 100MBit card), see image 4 below. Reading the exact same file back right after, and the results are far from the same. The speed is too slow to be able to watch anything as it dropps down below 100kB/s quite frequently. I have even seen it go to 0kB/s. Another artifact is that it is very variable. Images 1-3 shows the read, with a low value, and a higher value. As can be seen in image 3, The speed did get respectable at one point, albeit not 11MB/s as far as I can make out from the chart. It does suggest it is capable of decent speeds, but just not happy to do it consistently.
On the Raspberry Pi I am also not able to watch anything as it stops and buffers very often, but I don't know how to actually test the transfer speed, so I can't give any numbers. I think it is the variability that is the killer. The average speed is probably good enough to watch a non-HD movie, but as it is not constant, I can't.

Image of transfer speeds:

What I have tried:
Even though I suspect that the issue is with the OMV part as both the Raspberry Pi and the PC shows the symptoms I have still tried some things on the PC. I have tried to disable the TCP Checksum Offloading for IPv6 (no idea what it is, but someone said it solved their issues ;-), but to no avail, so I set it back to default. I looked at Flow control, no luck. I tried turning something else off in the command line, that I can't even find the page for anymore, but that didn't work either and I set that back as well.
I have also tried swapping the network cable between the PC and the OMV box to check that it isn't a dodgy connector or lead, but the results were identical.
I have also read most of the threads I can find here that mentions un-even or poor network speeds.

My Theories...
Not much, to be honest.
1. I am sharing the same drive via Samba and NFS, could that have something to do with it?
2. I ran a test on HDD speed that I saw in a post on this forum. I wasn't able to run it on the OMV drive as I had hoped, but running it on my own drive in the PC I got the following result...
Image of HDD speeds:

Could it be that it has something to do with package sizes, as the small packets are very slow? (Doesn't explain the variability in speed though...)

I would be grateful for any suggestions of things to try!

Cheers