Frank1940 Posted March 29 Share Posted March 29 3 hours ago, Maginos said: unfortunately, I have bad news. The error came back and the permissions of the folder /mnt/user/sharnename/foldername changed again: What was accessing/writing to the share at this time? Is there a Windows mapped drive to this folder on your server? As I understand it, a Windows client can control the permissions on your Unraid server through the extended attributes if it uses mapped drives. That is what the '+' sign in the permissions means. I know that Libreoffice does set some extended attributes when it locks the file but I have seen no evidence that it touches the directory. Quote Link to comment
Maginos Posted March 29 Author Share Posted March 29 Actually that was me, when I tried to access the folder (double click in windows explorer).Yes, the share has a fixed mapping under Windows. But a disconnect and reconnect didn’t help. I already tried that. Quote Link to comment
Frank1940 Posted March 29 Share Posted March 29 13 minutes ago, Maginos said: Yes, the share has a fixed mapping under Windows. But a disconnect and reconnect didn’t help. I already tried that. Not sure what happens if you use the same drive letter. (It could be that Windows 'restores' the old settings...) Try another drive letter and see what happens then. (When you do this, do not even look at the 'Properties' of that mapped drive.) 43 minutes ago, Maginos said: Actually that was me, when I tried to access the folder (double click in windows explorer). Where you doing it this from the mapped drive or going in from the server name and drilling down? Quote Link to comment
Frank1940 Posted March 29 Share Posted March 29 More information: This last one is not a true comparison to what you found since it did not have any extended attributes set up on it. The directory 'Libreoffice' is the './' name in the top screen capture. You probably need to do some experimentation with Mapped Drives vs opening things by coming in from the network. This may provide more clues as to what is going on. (It may turn out that the default permissions that Windows sets up on Mapped Drives when it applies extended attributes to files and directories is causing the problem...) Quote Link to comment
Maginos Posted March 29 Author Share Posted March 29 Strange news: I was able to access the share now as normal and also the file I created at 10:45 was there. Actually several other files with the same name were there, so I assume, that despite there's this error message, the file is created. This would mean, that the share is "temporarily" locked (for around 8 h or less) and then unlocked again. The permissions of the /mnt/user/sharename/foldername did not change. I don't know if my Nextcloud is interferring with that? I have a combination of the Linuxserver NC, mariadb and redis running. The shares are passedthrough to the NC Container as volume mappings/bind mounts (-v analogon). In the NC, I use the External storage app to get access to the shares. As far as I know, Nextcloud/the DB scans storage paths from the External storage app automatically, so a sudo -u www-data php occ files:scan --all is not necessary. Nevertheless, could it be, that NC/mariadb/redis is locking the share? I appended also a screenshot of my docker containers. 30 minutes ago, Frank1940 said: Where you doing it this from the mapped drive or going in from the server name and drilling down? I'm not exactly sure what you mean. I opened the mapped drive in Windows Explorer, right clicked and then "Create Document". Quote Link to comment
Frank1940 Posted March 29 Share Posted March 29 2 hours ago, Frank1940 said: going in from the server name and drilling down? I mean starting from here in Windows explorer: You can even do this when saving a file from LibreOffice the first time. (You may have to do a bit of exploring in the 'Save As' dialog in LibreOffice to find the server name.) You can also create a shortcut to the exact location in Windows Explorer when your dad stores his files. In the first post in this thread, look at the file named "An Alternative Method to Network Neighborhood.PDF" for a more complete explanation on how to so this: https://forums.unraid.net/topic/110580-security-is-not-a-dirty-word-unraid-windows-10-smb-setup/#comment-1009109 Be sure to give your shortcut a descriptive name so that it is instantly recognizable. Quote Link to comment
Maginos Posted March 29 Author Share Posted March 29 As far as I understand, the server gets only detected under the "Network" tab, when both devices (PC and server) are in the same subnet, which is not the case. As I said, my unraid server is in a separate subnet, so the packet to the broadcast address of the windows pc should not be seen by it. BUT: I have a Windows 10 VM on my unraid server which is in the same subnet as the unraid server and I tested it there. Works without any issues so far. 🤷♂️ Quote Link to comment
dlandon Posted March 30 Share Posted March 30 You have macOS Interoperability enabled and a lot of extra settings in your smb-extra.conf related to fruit and some other added entries. You have talked about using PCs to access your SMB shares. Are you using Mac computers also? Trying to unscramble all the additional settings in your smb-extra.conf would be a real chore. My suggestion is to remove all those entries, go back to more bare metal Unraid and then come back for support if you still have the same issues. Getting back to a standard SMB configuration will help us better support you. If you really have to have all those additional settings, get back to standard settings, monitor your file and folder permissions, and then add things back a little at a time and continue to monitor as you go. See if one of those settings is causing issues. You have also enabled multi channel. You should do all that through the Unraid UI so SMB is set up correctly. The smb-extra.conf lines are all global entries and it's easy to mess things up. I don't recommend using the 'veto files' statement. There is a fair amount of overhead to handle that and you can enable the hide dot files setting to hide them. Quote Link to comment
Maginos Posted March 30 Author Share Posted March 30 18 hours ago, dlandon said: Are you using Mac computers also? At the moment not, but I will. At least in some months. I'm waiting for the feedback to the new Mac Studio and if this is positive, I will buy one. I already have a MacBook Pro from Late 2016, but I don't want to use it anymore, as it doesn't get updates anymore. I tested SMB Performance on that machine and it was quite terrible. Loading times were very long and transfer rates were slow. With the settings I set, the performance improved drastically and it was on the same level as for Windows PCs. I don't know, how performance is on recent machines, but this is crucial for me, that I have a good SMB Performance. If I have to wait some seconds before I can access any folder on a SMB share, this is definitely too long. So I can remove the SMB Extras for some months, but when I get a new Mac and the SMB Performance is bad, I will definitely come back to this. I will also disable macOS Interoperability and multi-channel. Lets see, how it performs tomorrow. Quote Link to comment
dlandon Posted March 31 Share Posted March 31 Let's get your server permissions sorted out then come back to the SMB issues on a Mac. We have made some changes for better Mac support, and I will show you a much better way to apply your customizations to Mac SMB access. Quote Link to comment
Maginos Posted March 31 Author Share Posted March 31 6 minutes ago, dlandon said: I will show you a much better way to apply your customizations to Mac SMB access. This sounds great, I'm looking forward to that! But yes, you're right, let's figure out the SMB issue first. So what I just did on my DADS PC (which is in the LAN network) is the following: - In the Windows Explorer, I browsed all folders in /mnt/user/sharename, which worked perfectly fine. - Then, I created the file /mnt/user/sharename/test.odt, which worked also perfectly fine. Renaming it to test2.odt worked also. - Then I entered the folder /mnt/user/sharename/folderA and did there the same. Here comes the difference: After creating the /mnt/user/sharename/folderA/test.odt, I was NOT able to rename it due to a permission error. I went back to /mnt/user/sharename/ and tried to rename the test.odt file there, which DID NOT work (permission error again). Deleting this file worked. What I also observed is, that it is not possible to access the folder /mnt/user/sharename/folderA again after the permission error occured. All other folder I can enter, but not this one. On the VM on my unraid server, which is in the same network, as the unraid server, I got this error message as well. Actually I got an "network error" by clicking on my unraid servers name in the "Network" section in the windows explorer. So it doesn't seem to be a problem specifically related to my dads pc. Quote Link to comment
Maginos Posted April 3 Author Share Posted April 3 Good morning guys, maybe I have found what causes these issues: LibreOffice! I did some tests in my Win 10 VM and here are the results: WITH LIBREOFFICE INSTALLED: - When I rename a .odt file on the share in the Explorer, open it afterwards, edit it and try to save it, I get the permissions error. After around 5 retries, I can save the file. - When I go then back to the Explorer and try to rename the SAME .odt file, I get the permission error again. And not only for this file, but for the whole share. Then I uninstalled LibreOffice and installed OnlyOffice, did the same tests and everything works without any issues. I can edit and rename documents as long as I want, everything works. So I assume LibreOffice was the problem. I will now install OO on my dads PC and will report back in some weeks. I already set a reminder, so I won't forget. Thank you very much for your help! Quote Link to comment
Maginos Posted April 3 Author Share Posted April 3 @dlandon Maybe we can have a look at SMB speeds now. I did following tests: WINDOWS PCS: - My PC: iperf3: 713 Mbit/s Normal Mode; 787 Mbit/s Reverse Mode; LST: 261 Mbit/s Write; 649 Mbit/s Read (LST = LAN Speed Test App) - My Dads PC: iperf3: 857 Mbit/s Normal Mode; 939 Mbit/s Reverse Mode; LST: 566 Mbit/s Write; 877 Mbit/s Read LINUX PCs: - Proxmox shell: iperf3: 932 Mbit/s Normal Mode; 942 Mbit/s Reverse Mode; - DietPi PC (Shell): iperf3: 931 Mbit/s Normal Mode; 935 Mbit/s Reverse Mode; dd: 800 Mbit/s (dd command: sudo dd if=/dev/zero bs=1G count=1 of=/media/pictures/test status=progress; the path for the of is mounted via autofs). Here my interpretations: - Both WIN PCs don't get the same iperf3 results like the Linux based PCs, for my dads PC it's at least close. - Both WIN PCs get significant lower transfer speeds in the LAN Speed Test - The DietPi PC has okish write speeds - The SMB performance on my PC is lower than on my dads PC I have a Dell XPS 9560 Laptop and a Dell 6000 Docking station connected to it for the Ethernet Port. What can I do to improve the SMB performance on the Windows PCs? Quote Link to comment
dlandon Posted April 3 Share Posted April 3 9 minutes ago, Maginos said: What can I do to improve the SMB performance on the Windows PCs? Start with a fresh diagnostics. Quote Link to comment
Maginos Posted April 3 Author Share Posted April 3 Here are the diagnostics. tilda-diagnostics-20240403-1323.zip Quote Link to comment
Maginos Posted April 4 Author Share Posted April 4 @dlandon did you find anything in the diagnostics that might help me? Quote Link to comment
dlandon Posted April 4 Share Posted April 4 3 hours ago, Maginos said: @dlandon did you find anything in the diagnostics that might help me? Give me some time to review. Quote Link to comment
dlandon Posted April 4 Share Posted April 4 4 hours ago, Maginos said: @dlandon did you find anything in the diagnostics that might help me? I'll concentrate on network issues first: You have IPV6 enabled. Do you need it? If not turn it off. I see multiple vlans. Be sure they are configured properly for your situation. Turn off NetBIOS. Use a static IP address on your server. It's set right now for DHCP. Verify network settings on your PCs. Add a second NIC and set it up with a bonding mode to spread the load over both NICs. Other factors: Upgrade to 6.12.10. Remove un-get and NerdTools plugins then reboot. Make sure no packages will install after reboot. Do this before upgrading to 6.12.10. There may be some package interference. Quote Link to comment
Maginos Posted April 4 Author Share Posted April 4 6 minutes ago, dlandon said: You have IPV6 enabled. Do you need it? If not turn it off. No, I don't need it, I will turn it off. 7 minutes ago, dlandon said: I see multiple vlans. Be sure they are configured properly for your situation. I will remove them as well. 7 minutes ago, dlandon said: Use a static IP address on your server. It's set right now for DHCP. I have address reservation in my firewall, so it gets always the same IP. 8 minutes ago, dlandon said: Upgrade to 6.12.10. Already done. 8 minutes ago, dlandon said: Remove un-get and NerdTools plugins then reboot. Ok, I will remove them. Thank you for your tips! Quote Link to comment
Maginos Posted April 5 Author Share Posted April 5 Ok, so I deleted all vlans, switched off Netbios, removed un-get and Nerd Tools and rebooted my unraid server. It has a static IP address from day 1, so this is also set. In the network settings on my Windows 10 PC I checked, that SMBv1 is deactivated. The results from LAN Speed Test did not change. I checked the network load with netdata and it is pretty low (7 Mbit/s incoming, which is a stream from my surveillance camera, and 1.5 Mbit/s outgoing), so a secondary NIC should not be necessary. What else can I do? Quote Link to comment
JorgeB Posted April 5 Share Posted April 5 Have you done a single stream iperf test in both directions to confirm if it's a LAN problem? Apologies if it was already done, I didn't read the complete thread. Quote Link to comment
Maginos Posted April 5 Author Share Posted April 5 8 minutes ago, JorgeB said: Have you done a single stream iperf test in both directions to confirm if it's a LAN problem? Apologies if it was already done, I didn't read the complete thread. Yes I did, here the results: 740 Mbit/s Normal Mode; 797 Mbit/s Reverse Mode; Not too good, but at least write speeds are far away from the results from LAN Speed Test: 305 Mbit/s Write 778 Mbit/s Read I will try different cable later. Quote Link to comment
Maginos Posted April 7 Author Share Posted April 7 On 4/5/2024 at 4:06 PM, JorgeB said: Have you done a single stream iperf test in both directions to confirm if it's a LAN problem? Apologies if it was already done, I didn't read the complete thread. I tried now the same cable on one of my linux hosts and got around 940 Mbit/s in both directions. So the cable should be fine. Theres definitely something wrong either with my docking station or with my laptop. Quote Link to comment
Maginos Posted April 24 Author Share Posted April 24 (edited) @dlandon and @Frank1940: Hi guys, unfortunately, LibreOffice was not the issue. What I did today: - First I edited File A via SMB on my dads pc - Then I copied that file via SMB on my dads pc into the same folder - Saving this copy didn't work, and I got the error message that I don't have permissions to do so. The permissions of this copy are: -rwxrw----+ 1 username users The getfacl command gives this output: getfacl: Removing leading '/' from absolute path names # file: mnt/user/sharename/A/Test2 - Kopie.docx # owner: username # group: users user::rwx user:nobody:rwx #effective:rw- group::--- group:users:--- group:NT\040Authority\\anonymous\040logon:rwx #effective:rw- group:3007:rwx #effective:rw- mask::rw- other::--- After leaving folder A via SMB on my dads pc, the whole folder A is locked with the permission error. Has anyone any idea, what else I could try? Thank you once again! Maginos Edit: After using "New Permissions" via the Unraid Gui, the output of the getfacl command changes, which is expected of course: getfacl: Removing leading '/' from absolute path names # file: mnt/user/sharename/A/Test2 - Kopie.docx # owner: nobody # group: users user::rw- user:nobody:rwx #effective:rw- group::--- group:users:--- group:NT\040Authority\\anonymous\040logon:rwx #effective:rw- group:3007:rwx #effective:rw- mask::rw- other::rw- Edited April 24 by Maginos Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.