• [6.8.0] File permissions through Samba are set to admin:users and not nobody:users

    dlandon

    By dlandon

      • Closed Minor

    Files created through Samba shares are not setting permissions to nobody:users. 

    total 393522636
-rw-rw-rw-+ 1 nobody users    33554432 Oct 26 19:03 D...r\ Backup_full_b103_s1_v1.tib
-rw-rw-rw-+ 1 nobody users 41736957952 Oct 26 20:14 D...r\ Backup_full_b103_s1_v2.tib
-rw-rw-rw-+ 1 nobody users 41968980480 Nov  3 20:31 D...r\ Backup_full_b104_s1_v1.tib
-rw-rw-rw-+ 1 nobody users 41995778560 Nov  9 20:28 D...r\ Backup_full_b105_s1_v1.tib
-rw-rw-rw-+ 1 nobody users 43247830016 Nov 17 20:18 D...r\ Backup_full_b106_s1_v1.tib
-rw-rw-rw-+ 1 nobody users 43407541248 Nov 27 20:26 D...r\ Backup_full_b107_s1_v1.tib
-rw-rw----+ 1 admin  users 42760169984 Dec  3 20:24 D...r\ Backup_full_b108_s1_v1.tib
-rw-rw----+ 1 admin  users 42783333888 Dec  9 20:08 D...r\ Backup_full_b109_s1_v1.tib
-rw-rw----+ 1 admin  users 11609833472 Dec 15 19:19 D...r\ Backup_full_b110_s1_v1.tib
-rw-rw----+ 1 admin  users 30997140992 Dec 15 20:18 D...r\ Backup_full_b110_s1_v2.tib
-rw-rw-rw-+ 1 nobody users  3581016576 Oct 27 19:07 D...r\ Backup_inc_b103_s2_v1.tib
-rw-rw-rw-+ 1 nobody users  1225604096 Oct 28 19:03 D...r\ Backup_inc_b103_s3_v1.tib
-rw-rw-rw-+ 1 nobody users   929987584 Oct 29 19:03 D...r\ Backup_inc_b103_s4_v1.tib
-rw-rw-rw-+ 1 nobody users  1610059776 Oct 31 19:05 D...r\ Backup_inc_b103_s5_v1.tib
-rw-rw-rw-+ 1 nobody users  1121332736 Nov  1 19:03 D...r\ Backup_inc_b103_s6_v1.tib
-rw-rw-rw-+ 1 nobody users  1326885888 Nov  4 19:03 D...r\ Backup_inc_b104_s2_v1.tib
-rw-rw-rw-+ 1 nobody users  1500738048 Nov  5 19:04 D...r\ Backup_inc_b104_s3_v1.tib
-rw-rw-rw-+ 1 nobody users   706327040 Nov  6 19:02 D...r\ Backup_inc_b104_s4_v1.tib
-rw-rw-rw-+ 1 nobody users   781005312 Nov  7 19:03 D...r\ Backup_inc_b104_s5_v1.tib
-rw-rw-rw-+ 1 nobody users  1060108288 Nov  8 19:03 D...r\ Backup_inc_b104_s6_v1.tib
-rw-rw-rw-+ 1 nobody users  3318227456 Nov 11 19:09 D...r\ Backup_inc_b105_s2_v1.tib
-rw-rw-rw-+ 1 nobody users  1243727360 Nov 12 19:04 D...r\ Backup_inc_b105_s3_v1.tib
-rw-rw-rw-+ 1 nobody users  3261709312 Nov 13 19:09 D...r\ Backup_inc_b105_s4_v1.tib
-rw-rw-rw-+ 1 nobody users  1099701248 Nov 14 19:04 D...r\ Backup_inc_b105_s5_v1.tib
-rw-rw-rw-+ 1 nobody users  1288908288 Nov 15 19:05 D...r\ Backup_inc_b105_s6_v1.tib
-rw-rw-rw-+ 1 nobody users  5099088384 Nov 22 19:08 D...r\ Backup_inc_b106_s2_v1.tib
-rw-rw-rw-+ 1 nobody users  4714370048 Nov 23 19:11 D...r\ Backup_inc_b106_s3_v1.tib
-rw-rw-rw-+ 1 nobody users  2989081088 Nov 24 19:06 D...r\ Backup_inc_b106_s4_v1.tib
-rw-rw-rw-+ 1 nobody users  1040195584 Nov 25 19:22 D...r\ Backup_inc_b106_s5_v1.tib
-rw-rw-rw-+ 1 nobody users  1006299136 Nov 26 19:04 D...r\ Backup_inc_b106_s6_v1.tib
-rw-rw-rw-+ 1 nobody users  1216510976 Nov 28 19:04 D...r\ Backup_inc_b107_s2_v1.tib
-rw-rw-rw-+ 1 nobody users   621406720 Nov 29 19:03 D...r\ Backup_inc_b107_s3_v1.tib
-rw-rw-rw-+ 1 nobody users   610340864 Nov 30 19:03 D...r\ Backup_inc_b107_s4_v1.tib
-rw-rw----+ 1 admin  users  2693766144 Dec  1 19:06 D...r\ Backup_inc_b107_s5_v1.tib
-rw-rw----+ 1 admin  users   685169664 Dec  2 19:04 D...r\ Backup_inc_b107_s6_v1.tib
-rw-rw----+ 1 admin  users   785208320 Dec  4 19:03 D...r\ Backup_inc_b108_s2_v1.tib
-rw-rw----+ 1 admin  users  1248407040 Dec  5 19:04 D...r\ Backup_inc_b108_s3_v1.tib
-rw-rw----+ 1 admin  users   954967040 Dec  6 19:03 D...r\ Backup_inc_b108_s4_v1.tib
-rw-rw----+ 1 admin  users  2576901632 Dec  7 21:16 D...r\ Backup_inc_b108_s5_v1.tib
-rw-rw----+ 1 admin  users  3027072512 Dec  8 19:07 D...r\ Backup_inc_b108_s6_v1.tib
-rw-rw----+ 1 admin  users   655553024 Dec 10 19:21 D...r\ Backup_inc_b109_s2_v1.tib
-rw-rw----+ 1 admin  users  2373876224 Dec 11 19:06 D...r\ Backup_inc_b109_s3_v1.tib
-rw-rw----+ 1 admin  users  3225392640 Dec 12 19:07 D...r\ Backup_inc_b109_s4_v1.tib
-rw-rw----+ 1 admin  users   621100544 Dec 13 20:08 D...r\ Backup_inc_b109_s5_v1.tib
-rw-rw----+ 1 admin  users  1618446848 Dec 14 19:06 D...r\ Backup_inc_b109_s6_v1.tib
-rw-rwx---+ 1 admin  users   607243776 Dec 16 19:04 D...r\ Backup_inc_b110_s2_v1.tib*

    This is causing issues with some applications.

     

    Go to reports Stable Releases

    User Feedback

    Recommended Comments

    jonp

    This is really odd.  I just tested this from my end and it's creating the files on the share with the right permissions.  Can you replicate this behavior with just copying data to a network share the old fashioned way (wondering if your backup software is doing something to the permissions).

     

    image.png

    Link to comment
    JorgeB

    For me it's also working correctly, I have Synback doing a daily sync from a Windows drive to Unraid and checking latest days after the upgrade permissions are still correct.

    Link to comment
    Squid

    I've never had a problem with SMB transfers.  The owner always winds up being my user, not "nobody" but the permissions are always correct so no big deal and something I've never worried about (or cared about)

    • Thanks 1
    Link to comment
    dlandon
    3 hours ago, jonp said:

    This is really odd.  I just tested this from my end and it's creating the files on the share with the right permissions.  Can you replicate this behavior with just copying data to a network share the old fashioned way (wondering if your backup software is doing something to the permissions).

     

    image.png

    When I create a text file using Windows 10 on an SMB share the permissions are set to:
    -rw-rw-rw- 1 admin  users    0 Dec 17 16:54 test\ permissions.txt

     

    Copying a file from one Unraid server to another:

    Source:

    -rw-rw-rw- 1 nobody users     18 Dec 17 17:12 test\ permissions.txt

     

    Destination:

    -rw-rw-rw- 1 admin  users   18 Dec 17 17:12 test\ permissions.txt

     

    I am logged into the share using an 'admin' user.

     

     

    Link to comment
    dlandon
    3 hours ago, jonp said:

    (wondering if your backup software is doing something to the permissions).

    The software is Acronis backup and I have been using it without seeing this issue for years.  I have a special user that I use to login to the share with Acronis that only has permission to access the backup share.

    Link to comment
    BRiT

    I've always seen new files created as the user logged into the samba share and group "users", for instance user "wmce", as far back as I can remember. My shares are set as either secure or private.

    Link to comment
    dlandon

    I'm also seeing some strangeness with CIFS mounts.  Mounting a remote share using CIFS setting the uid=99 and gid=100 should set permissions of nobody:users.

     

    /sbin/mount -t cifs -o rw,nounix,iocharset=utf8,_netdev,file_mode=0777,dir_mode=0777,uid=99,gid=100,,vers=3.0,credentials='/tmp/unassigned.devices/credentials' '//Mediaserver/Public' '/mnt/disks/Mediaserver_Public'

     

    When I create a file on the remote share the permissions are set to:

    /mnt/disks/Mediaserver_Public - this is the remote share mount point on the local server.
    -rwxrwxrwx 1 nobody users      0 Dec 17 16:21 test\ permissions.txt*

     

    /mnt/user/Public - this is the remote share on the remote server.
    -rw-rw-rw- 1 guest  users      0 Dec 17 16:21 test\ permissions.txt

     

    Mounting a remote share using CIFS setting the uid='nobody' and gid='users' should set permissions of nobody:users.

     

    /sbin/mount -t cifs -o rw,nounix,iocharset=utf8,_netdev,file_mode=0777,dir_mode=0777,uid='nobody',gid='users',,vers=3.0,credentials='/tmp/unassigned.devices/credentials' '//Mediaserver/Public' '/mnt/disks/Mediaserver_Public'

     

    /mnt/disks/Mediaserver_Public - this is the remote share mount point on the local server.
    -rwxrwxrwx 1 nobody users      0 Dec 17 16:32 test\ permissions.txt*

     

    /mnt/user/Public - this is the remote share on the remote server.
    -rw-rw-rw- 1 admin  users      0 Dec 17 16:32 test\ permissions.txt
     

    I would expect all permissions to be nobody:users in all cases.

    Link to comment
    dlandon
    3 hours ago, Squid said:

    I've never had a problem with SMB transfers.  The owner always winds up being my user, not "nobody" but the permissions are always correct so no big deal and something I've never worried about (or cared about)

    It's my understanding that Unraid always sets permissions to nobody:users.

    Link to comment
    jonp
    44 minutes ago, dlandon said:

    It's my understanding that Unraid always sets permissions to nobody:users.

    It depends on the user you are using.  If you're not using any login for SMB access, nobody:users is the correct group/user.  However if you authenticate with a user you created called 'admin', files created by that user should show up as that user.  That doesn't mean that other users with access to the share can't access the files.

    Link to comment
    dlandon
    1 hour ago, jonp said:

    It depends on the user you are using.  If you're not using any login for SMB access, nobody:users is the correct group/user.  However if you authenticate with a user you created called 'admin', files created by that user should show up as that user.  That doesn't mean that other users with access to the share can't access the files.

    The original post has permissions of 660 and ownership of admin:users.  The login used to access the share for backups is 'home' not 'admin'.  The permissions are 660, not 666 that would allow everyone access.  The computer being backed up is accessing all shares using 'admin', but is using 'home' user for this backup share.

     

    You are suggesting this is the Acronis backup?

     

    How do you explain this?

    I haven't tested 6.7 as it is not possible for me to easily roll back, so I can't confirm it.  Something has changed.

    Link to comment
    dlandon

    I'm closing this until I can better understand what is going on here.  I think the issue is more my ignorance on how permissions and ownership work.

    Link to comment
    dlandon

    I should have been clearer.  My issue is more of what Samba is doing to permissions and ownership and/or how Unraid is setting them through Samba.

    Link to comment
    Squid

    I know that I used to run a backup script on my desktop using robocopy.  It would always mess up the permissions on the server, where I couldn't access the files at all without a chmod

    Link to comment
    jonp
    7 hours ago, dlandon said:

    I'm closing this until I can better understand what is going on here.  I think the issue is more my ignorance on how permissions and ownership work.

    Completely understand.  Just didn't want you to think we were brushing this off.  If after more due diligence you think there is a real underlying issue, reopen this report and we'll investigate further.  Thanks again for your help!

    Link to comment
    bling

    stumbled upon this bug report when i noticed the same thing today.  when using private shares, any files written are owned by the logged in user, and not 'nobody', which can cause various annoyances later since so many things assume everything is owned by nobody.

     

    i fixed it by modifying the samba config, you can add the following to /boot/config/smb-extra.conf 

    [global]
  force user = nobody
  force group = users

     

    Link to comment
    ken-ji

    That's my actual solution to the situation as it guarantees the correct permissions on the OS layer. But I understand you can't turn that on users with older data and managed permissions. I'm guessing this can be a Unraid setting, but users should opt-in, unless its a brand new OS config.

     

    FYI a lot of NAS use something like that setting to make it easy for the files to be managed, even after migrating the disks out to another OS.

    Link to comment


    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Restore formatting

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Status Definitions

     

    Open = Under consideration.

     

    Solved = The issue has been resolved.

     

    Solved version = The issue has been resolved in the indicated release version.

     

    Closed = Feedback or opinion better posted on our forum for discussion. Also for reports we cannot reproduce or need more information. In this case just add a comment and we will review it again.

     

    Retest = Please retest in latest release.

    Priority Definitions

     

    Minor = Something not working correctly.

     

    Urgent = Server crash, data loss, or other showstopper.

     

    Annoyance = Doesn't affect functionality but should be fixed.

     

    Other = Announcement or other non-issue.