Can not write on the "Flash" volume from Windows or MacOS...


PicPoc

Recommended Posts

Hello,

I have a problem with the access rights of the USB key via Samba.
I tried several settings in vain. I put the sharing privately, selected the rights of the read / writing user, it did not work, I am ironing guest and always impossible to write on the volume.
Strange thing: if I slide a file into the mounted volume, it's but the file makes 0 kb ...
I can still erase it.
Have you ever had this problem?
I tested and met the same problem on two different keys.

On another test configuration I have this problem. It's impossible for me to know what difference there is since with the same CA adjustments works!

Thanks in advance.
;)

Link to comment

Open a terminal session and look at your flash drive.  You do this with the following command:

 

ls -al /boot

 

IF you look, you should see that the owner of everything on the boot drive is now   root   and the owner is the only one who has read/write permission.   Furthermore, root is not allowed as a SMB user.  ( root is not allow to be a samba user in Unraid.)  You can see this by looking at the following file:

 

cat /etc/samba/smb.conf

 

Link to comment
3 minutes ago, itimpi said:

I never have any problems accessing the contents of the flash drive over the network so there has to be some other factor at play.

Are you seeing this:

image.png.6e18a1676770e2640c0db5fdb19cba03.png

 

I seem to recall reading the LimeTech was restricting access to the Flash Drive for security reasons.  (This is screen shot of the file listing of the boot drive using version 6.9.2.)

Link to comment
5 minutes ago, Frank1940 said:

Are you seeing this:

image.png.6e18a1676770e2640c0db5fdb19cba03.png

 

I seem to recall reading the LimeTech was restricting access to the Flash Drive for security reasons.  (This is screen shot of the file listing of the boot drive using version 6.9.2.)

Obviously when accessing over the network via a SMB share I do not see the owner/permissions but I do see all the files and have read/write access.   This is probably because being FAT32 there is not full support for linux permissions.

 

the big security change was to stop any file on the flash drive being allowed to have ‘execute’ permission.   The other change was that the flash drive no longer defaults to being shared on the network.

 

Link to comment

@itimpi, You are correct.  I just checked on my Flash Drive Share settings.   It is set to 'Private' and I have set the login for my Samba User to have 'Read Only' access.  Thinking about it now, I can remember thinking that have 'Read-Write' access to the Flash Drive did not seem like a good idea when looking at it from a security stand point.   Very seldom have I ever required write access to the Flash Drive via Windows Explorer.  (In fact, as I now recall, I only set up the read access because of occasionally needing to be able to look at the Flash Drive and its contents while helping out other folks on the Forum!)

Edited by Frank1940
Link to comment

Hi guys !

Thanks for the answers.

I use Flash accès by Samba only for testing, for simplicity before using server on prod.

Here is my files :

 

# ls -al /boot
total 822960
drwx------ 10 root root      4096 Jan  1  1970 ./
drwxr-xr-x 20 root root       420 Sep 20 11:55 ../
drwx------  3 root root      4096 Aug 24 01:23 EFI/
-rw-------  1 root root  20738048 Aug 24 01:23 bzfirmware
-rw-------  1 root root        65 Aug 24 01:23 bzfirmware.sha256
-rw-------  1 root root   4818656 Aug 24 01:23 bzimage
-rw-------  1 root root        65 Aug 24 01:23 bzimage.sha256
-rw-------  1 root root  12562432 Aug 24 01:23 bzmodules
-rw-------  1 root root        65 Aug 24 01:23 bzmodules.sha256
-rw-------  1 root root 731411968 Aug 24 01:25 bzroot
-rw-------  1 root root  72698620 Aug 24 01:25 bzroot-gui
-rw-------  1 root root        65 Aug 24 01:25 bzroot-gui.sha256
-rw-------  1 root root        65 Aug 24 01:25 bzroot.sha256
-rw-------  1 root root     19276 Aug 24 01:25 changes.txt
drwx------ 10 root root      4096 Sep 20 11:55 config/
-rw-------  1 root root      7972 Aug 24 01:25 license.txt
drwx------  2 root root      4096 Aug 24 20:08 logs/
-rw-------  1 root root      1760 Aug 24 01:25 make_bootable.bat
-rw-------  1 root root      3291 Aug 24 01:25 make_bootable_linux
-rw-------  1 root root      2428 Aug 24 01:25 make_bootable_mac
-rw-------  1 root root    150024 Aug 24 01:25 memtest
drwx------  2 root root      4096 Aug 24 01:23 syslinux/

 

# cat /etc/samba/smb.conf
[global]
	# configurable identification
	include = /etc/samba/smb-names.conf

	# log stuff only to syslog
	logging = syslog@0

	# we don't do printers
	show add printer wizard = No
        disable spoolss = Yes
	load printers = No
	printing = bsd
	printcap name = /dev/null

	# disable aio by default
	aio read size = 0
	aio write size = 0

	# misc.
	invalid users = root
	unix extensions = No
	wide links = Yes
	use sendfile = Yes

	# ease upgrades from Samba 3.6
	acl allow execute always = Yes
	# permit NTLMv1 authentication
	ntlm auth = Yes

	# hook for user-defined samba config
	include = /boot/config/smb-extra.conf

	# auto-configured shares
	include = /etc/samba/smb-shares.conf

 

Don't know why, i can't read/write on flash...

;)

Edited by PicPoc
Link to comment

There is a plugin called     Config File Editor     which will allow you to edit/view any of the configuration files on the Flash Drive as it has them all listed in a dropdown.  (It will also allow you to edit any file on the Server file system but that is a bit more complex as you have to know where the file is in order to be able to navigate to it.  NOTE: Any edit to one of the server files will only last until the server is rebooted!!!)   It installs under the Tools tab and has the advantage that is only accessible to someone who has GUI/root access. 

 

Might this plugin serve your purpose?

Link to comment

Thanks, but I know Config File Editor.

Basically, sharing allows you to quickly drag script files and other additions. Thanks for the suggestion, but I actually tested this plugin.

 

Well, I found the problem :
It comes from a setting about Time Machine for Macs.
To solve the problem, you must deactivate the function in the Samba preferences:

On Settings/SMB "Enhanced macOS interoperability:" set to "No"

If we need this feature, we will give it back later.
I do not see any other solution for the moment.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.