Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

General SMB security question

Featured Replies

OK, so I dont see it as an issue, just maybe my misunderstanding within SMB security and Linux.

 

So I created my new users in version 5.  One for the office PC, one for each PCH and another for my linux system running SAB, Sickbeard and now headphones.

 

I ran the newperms script in the beginning and everything was good.

 

drwxrwx--- 1 nobody users, but then the files show -rw-rw---- 1 nobody users

 

So the issue is such.  When Sickbeard or headphones post processes, the folder created and the files inside take on the permissions of the smb mount user.  In the case of these apps, the folders are mounted by user mint, so the permissions ase:

 

 

drwxrwx--- 1 mint  users

 

The issue is that once I do this, I am not able to access the folder and files from my pc using user name office.  If I reun newperms on it and it resets to drwxrwx--- 1 nobody users, then all is well again.

 

Therefore, I guess my question is, is there a way to make even files and folders written by a specific user still readable by all?  Like keep the nobody root permissions.  Or, is the best answer to use one user name across the board?

 

I figure the there would have to be a way because if this was a case of a shared folder for multiple users, then nobody could read the content written by the other user.

 

So, is this where group level access comes into play and if so, is it in use on unRAID?  I would be good both ways, either share a single user or make all files still available to all users regardless of the user that actually wrote the file.

 

The one thought I had was that it is something with my mount command, do I need to specify a uid and gid?

With those permissions all users should be able to r/w the files since the 'group' is the same. The only other difference is the fact that the files are not executable but that shouldn't make a difference. You could change the settings in the apps to give full permissions and see if that helps.

 

As I'm sure you know, the 'd' just signifies its a directory so that's not an issue.

I had all sorts of problems with SMB after upgrading to 5.0-rc8a. I think that the smb code has changed.

 

To fix (seems to work most of the time.....YMMV)

 

create or edit the file  SMB-EXTRA.CONF in \\tower\flash\config (config directory on flash drive)

... add the following lines...

 

 

[global]

  security = USER

  guest account = nobody

  public = yes

  guest ok = yes

  map to guest = bad user

  force create mode = 0660

  force directory mode = 0770

  force user = nobody

  force group = users

  create mask = 0660

   

max protocol = SMB2

 

 

 

 

 

... you may have to reboot afterwards.

HTH, Tony

  • Author

Influencer, I did notice the missing x...if this were normal, or even 4.7 with no users, only root, would it be there?  should it be there?  Things do function correctly, but I wonder.

 

When you say to give full permissions in the apps, what exactly does that mean and how would I do it?

 

spants, that file, just so I can understand, what is it doing exactly?

 

Thanks guys.

 

 

  • Author

As reference, I also wanted to post one of my mount commands as I feel that too could be part of the issue on some way

 

//tower/Music /mnt/Music cifs username=mint,password=,uid=1000 0 0

spants, that file, just so I can understand, what is it doing exactly?

 

It just tells the os to use those permissions when creating a directory or file by smb - ie windows

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.