JRascagneres Posted May 30, 2021 Share Posted May 30, 2021 As seen in the below screenshot whenever I make a file it gets created with my 'windowspc' user which is a user created through UNRAID and then used to access my share through windows. However, this means that when I want to view the file from another user I don't have permission to access it. Anyway to allow all users to access this? Quote Link to comment
Frank1940 Posted May 30, 2021 Share Posted May 30, 2021 Are you using SMB to write these files? IS this computer a VM running under Unraid OS? Quote Link to comment
JRascagneres Posted May 30, 2021 Author Share Posted May 30, 2021 I wrote the C file from an NFS share on my ubuntu machine. The New Folder was created from my SMB share on my windows machine. The computer is not a VM. Personal machine on the network. Quote Link to comment
Frank1940 Posted May 30, 2021 Share Posted May 30, 2021 Did you map this share as a Drive? (example: \Z: ) Or did you create it with Windows Explorer? Quote Link to comment
JRascagneres Posted May 30, 2021 Author Share Posted May 30, 2021 I mapped the drive Quote Link to comment
John_M Posted May 30, 2021 Share Posted May 30, 2021 (edited) On the Shares page of the GUI you'll see two columns, labelled SMB and NFS. For that particular user share (backups) it is behaving as though it is set to Public for NFS sharing and Private for SMB sharing. If that's the case you need to change the SMB sharing to Public. Edited May 30, 2021 by John_M Added screenshot Quote Link to comment
JRascagneres Posted May 30, 2021 Author Share Posted May 30, 2021 Can I not keep it private but somehow make sure all users can access it? Quote Link to comment
John_M Posted May 30, 2021 Share Posted May 30, 2021 There's the Secure option that might fulfill your requirements. Turn on Help in the GUI for more information on that. Quote Link to comment
JRascagneres Posted May 30, 2021 Author Share Posted May 30, 2021 How would secure affect how other users can read / write a file written by another user? Quote Link to comment
John_M Posted May 30, 2021 Share Posted May 30, 2021 From the online help: Quote Security modes: '-' -- user share is not exported and unavailable on the network Public -- all users including guests have full read/write access (open access) Secure -- all users including guests have read access, write access is set per user (limited access) Private -- no guest access at all, read/write or read-only access is set per user (closed access) Quote Link to comment
JRascagneres Posted May 30, 2021 Author Share Posted May 30, 2021 Yeah I know but still not sure how that helps anything? Still doesn't affect write access? My problem: user1 writes a doc on SMB user2 attempts to access doc - Doesn't have permission as doc owner is set to user1 Quote Link to comment
Frank1940 Posted May 31, 2021 Share Posted May 31, 2021 (edited) 10 hours ago, JRascagneres said: Look at the '+' sign at the end of the permissions. That should normally not be there. You can find more information about this if you google : what is "+" in drwxrwxrwx+ I do know that running either the Docker Safe New Perms or the New Permissions scripts found on the Tools tab will set the owner, group and permissions correctly on the Share. You only want to run either of these utilities on the directory/folder that has the issue. What I am not sure is if either one will fix that "+" attribute... Question: When you mapped the drive on your Windows computer, did you play with the permissions in the Properties on the mapped drive? Edited May 31, 2021 by Frank1940 Quote Link to comment
John_M Posted May 31, 2021 Share Posted May 31, 2021 24 minutes ago, Frank1940 said: what is "+" in drwxrwxrwx+ It means ACLs are in use, which is how Unraid manages Private and Secure user shares, giving different users specific read/write permissions, which is not possible using basic Unix permissions. Quote Link to comment
John_M Posted May 31, 2021 Share Posted May 31, 2021 2 hours ago, JRascagneres said: user2 attempts to access doc - Doesn't have permission as doc owner is set to user1 He does if you've given him permission in the user share's configuration: 2 hours ago, John_M said: access is set per user Quote Link to comment
John_M Posted May 31, 2021 Share Posted May 31, 2021 In the GUI go to Settings -> Users. Add a user to Unraid for each Windows user you have. If you make the names and passwords identical to how they are in Windows, you'll save yourself a lot of grief. In the GUI go to Shares. Create a new user share. In SMB Security Settings make it Private or Secure, depending on whether you want to allow guest read access. In SMB User Access set up for each user whether he has read and/or write access. If you want guest write access, just make it Public instead. Each file/directory is owned by its creator and additional read/write permissions for other users are stored in ACLs. 1 Quote Link to comment
Frank1940 Posted May 31, 2021 Share Posted May 31, 2021 @John_M, Interesting. I have never seen this and I do use 'Secure' Shares. I have no doubt that is because of the way that I actually implement its use. Most of my shares are actually 'Secure'. As I basically use my two Unraid servers in a 'write once-read many' type of operation. In fact, these Secure Shares have no users assigned to them to prevent direct write access to them using SMB. (This basically prevents Malware from having write access from a Windows client!) But it does allows 'Public' access to able to read the files. (New files are added by having the cache drive being shared as 'Public' Disk Share. Files are transferred to the cache drive and placed into a folder on that drive that mimics the Share that the file is to end in. Unraid's Mover will then transfer the file to the Secure Share on the array.) Quote Link to comment
John_M Posted June 1, 2021 Share Posted June 1, 2021 12 hours ago, Frank1940 said: Most of my shares are actually 'Secure'. That's a clever use of the options available to you. I haven't done a lot of testing but I think the ACLs are set up when a second user is given permissions to access a share in the SMB User Access section (ie. when Unix permissions are no longer sufficient). They are simply applied to the top level directory and propagated to its contents. I think the majority of users settle for Public shares because they are the default, they usually "just work" and because Windows networking is already more fraught with difficulties than it needs to be. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.