March 17, 20233 yr So I just discovered the hard way that my backup system has not been working since I updated around the 4th. At the same time, I discovered that the system I have in place to alert me that my backups aren't working, does not cover a situation where root has no write access to the share. My setup is as follows. My main desktop is running arch, and I have all of my shares mounted via fstab using the following. 10.0.0.133:/mnt/user/Backup /mnt/share/Backup nfs defaults,nolock,soft 0 0 That has worked perfectly fine for years. But it seems since the update, the root user on arch no longer has write access to files or in folders owned by my normal non-root user. Since the update, any files or folders created by the root the on arch are created as 65534:65534 on arch. I have already done some investigating and hound the following post, which seems to identify the issue. But I must be missing something because 'no_root_squash' is apparently not a valid nfs option. At least not via fstab. Furthermore, supposedly the mount options used by UD resolve this issue. But I have two unraid systems now running 6.11.5 and when I mount my Backup share in my second unraid system via UD I see the same issues when modifying files from the client system. Given how long 6.10 has been out, I'm hoping someone has figured out a simple solution to this. Any help would be appreciated.
March 18, 20233 yr Solution Under shares on unraid click share that you want to fix, change NFS security to Private then apply, then add the line from below to the new rule line and apply again. *(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) Edited March 18, 20233 yr by kb2ear changed from CLI to GUI
March 20, 20233 yr Author On 3/19/2023 at 6:26 AM, kb2ear said: Under shares on unraid click share that you want to fix, change NFS security to Private then apply, then add the line from below to the new rule line and apply again. *(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) Thank you. That explains my confusion. That post says "NFS rules on the client", Unless the terminoligy is reversed with file sharing the client is my Arch system not the unraid server.
March 22, 20233 yr On 3/18/2023 at 3:26 PM, kb2ear said: Under shares on unraid click share that you want to fix, change NFS security to Private then apply, then add the line from below to the new rule line and apply again. *(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) If you don't mind, I need a guru like you. 😆 Unfortunately, there are a couple scenarios where programs just perform better mapped to an NFS share, otherwise I'd just use SMB for everything. So I need to set up some shares as NFS as well, and know how to do that in UnRAID. I have it exported, can mount it on clients, but I have no experience with the rules and security in this arrangement. Right now, I have no rules for the NFS shares. I can see the contents, but can't write. So can you work your magic and tell me what to put in the rule field? If I have a user, "husband" and want him to have r/w access, what should I put there? And if I have another share that I want "husband" to have r/w, and "wife" to have read-only? You would make this guys day if you could help me out. 👍 Thanks in advance!
March 22, 20233 yr Author 2 minutes ago, House Of Cards said: If you don't mind, I need a guru like you. 😆 Unfortunately, there are a couple scenarios where programs just perform better mapped to an NFS share, otherwise I'd just use SMB for everything. So I need to set up some shares as NFS as well, and know how to do that in UnRAID. I have it exported, can mount it on clients, but I have no experience with the rules and security in this arrangement. Right now, I have no rules for the NFS shares. I can see the contents, but can't write. So can you work your magic and tell me what to put in the rule field? If I have a user, "husband" and want him to have r/w access, what should I put there? And if I have another share that I want "husband" to have r/w, and "wife" to have read-only? You would make this guys day if you could help me out. 👍 Thanks in advance! There may be a way to do this in a "per user" way, but from what I understand the way these rules are set up is per IP, as in the IP address of the client you wish to give access to. So the first step is to make sure all your clients have static IP addresses on your local network. Static IP's can be configured in the client device's network settings. Or a better way to handle it is via your router if your router supports assigning static IP's to connected devices. Then your NFS rule for your unraid share would look something like this: 192.168.1.128/24(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) With the IP at the start being the IP of the connected client. If you want to specify multiple clients, then simply separate them with a space. e.g. 192.168.1.128/24(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) 192.168.1.125/24(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash) 192.168.1.127/24(sec=sys,rw,insecure,anongid=100,anonuid=99,no_root_squash)
March 22, 20233 yr Ooof... I hope that's not the only way. I mean, it's not unusable, but it seems like that would be terribly insecure to allow the defaults to "anybody". If someone manages to access anything on your network, they can access everything. I would think there would be additional options, but if all else fails, I'll have to work around this... Thanks for the help. 👍
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.