Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

4.5-beta6 permissions issue

Featured Replies

I have a AD setup.  On the unRAID Settings tab, my AD initial owner is set my account and the AD initial group is set to "DOMAIN\unRAID Users".

 

I set permissions in order on all folders where the owner is my account and the group is "DOMAIN\unRAID Users".  All directory permissions are set to 775 and all file permissions are set to 644.

 

When I use Explorer to browse to a file on the user share (e.g. \\tower\TV\Comedy\Saturday Night Live\s34e21), I can see the file I want to view (let say it's an .avi or .mkv file).  If I double click it to launch Media Player, Media Player cannot play the file and unRAID magically changes the permissions on the folders so that I can no longer view the folders or files under TV\Comedy.

 

Logging into the server, and doing an "ls -lR /mnt/user/TV/Comedy", I see the folder permissions on TV/Comedy, TV/Comedy/Saturday Night Live, and TV/Comedy/Saturday Night Live/s34e21 and are now 644 and the group is now "DOMAIN\domain users".  If I use chown and chmod to reset the permissions back to 775, I still cannot access those folders after that (even though they do not change again upon re-attempted access via Explorer at that time).

 

Accessing via disk shares (e.g. \\tower\disk1\TV\Comedy ... ) works fine.

 

Edit:

I did a chmod -R 775 on /mnt/user/* and rebooted the unRAID server and the problem seems to have cleared up.

 

 

 

  • Author

One other note... I did see the issue reoccur, so I know there's a problem here somewhere... it's just not trivially reproducible.

I'm having a similar problem with Beta 6. I haven't troubleshot it as much as Nyago123, but I did the permissions thing. Got access to my files. Next day, access gone again.

 

I've had to turn Active Directory support off for the moment so that we can continue to access files.

 

Hope we have a solution soon--I really want AD!

 

Tony

  • 1 month later...

I'd like to push this thread up - because me too tried AD-security without success (wastn't able to join the domain) and went back to simple security for the time now.

I definately need only readaccess for common users, restricted access for some shares for the kids and full access for the admin.

 

Anybody with a successful config in use? Or do I need to wait for next beta?

 

Thanks, Guzzi

 

PS:

log shows:

Jul 22 21:28:04 XMS-GMI-02 emhttp: shcmd (214): /usr/bin/net ads join -U "Administrator"%"*****" 2>&1 | logger

Jul 22 21:28:04 XMS-GMI-02 logger: realm must be set in in /etc/samba/smb.conf for ADS join to succeed.

Jul 22 21:28:04 XMS-GMI-02 logger: Invalid configuration. Exiting....

Jul 22 21:28:04 XMS-GMI-02 logger: Failed to join domain: Invalid parameter

Jul 22 21:28:05 XMS-GMI-02 emhttp: shcmd (215): /usr/bin/net ads testjoin -P >/dev/null 2>&1

Jul 22 21:28:05 XMS-GMI-02 emhttp: _shcmd: shcmd (215): exit status: -1

 

 

 

  • Author

Hi Guzzi,

 

My AD works with caveats:

1. I created a domain admin login account with a password where neither contained any special characters or spaces which is exclusively for unRAID use.  Some of the early issues involving this may have been fixed but I'm sticking with this for now.

2. On the Shares page, I did set my own account and a group I created as the AD initial owner and the AD initial group.

 

I continue to see the aforementioned bug where security changes spontaneously when browsing on whole directory trees in /mnt/user.  What I notice is that the permissions go to 644 and the group becomes "domain users" instead of what I've specified as the AD initial group on the Shares page.  This tells me "domain users" is hard-coded in somewhere or is in some config file from prior use.  When this happens, I just go do a chmod -R 775 directory and a chown -R "<user>:<group>" directory to fix it in /mnt/user.

 

I do notice I have both a /mnt/user and a /mnt/user0.  I don't know what they are both for.

 

Hi Guzzi,

 

My AD works with caveats:

1. I created a domain admin login account with a password where neither contained any special characters or spaces which is exclusively for unRAID use.  Some of the early issues involving this may have been fixed but I'm sticking with this for now.

2. On the Shares page, I did set my own account and a group I created as the AD initial owner and the AD initial group.

 

I continue to see the aforementioned bug where security changes spontaneously when browsing on whole directory trees in /mnt/user.  What I notice is that the permissions go to 644 and the group becomes "domain users" instead of what I've specified as the AD initial group on the Shares page.  This tells me "domain users" is hard-coded in somewhere or is in some config file from prior use.  When this happens, I just go do a chmod -R 775 directory and a chown -R "<user>:<group>" directory to fix it in /mnt/user.

 

I do notice I have both a /mnt/user and a /mnt/user0.  I don't know what they are both for.

 

 

Hi Nyago,

 

thanks for your help offered, but I think I am too far away from linux to deal with permissionsets etc. - if Tom is aware of this problem I hope for a fix from his side for the next release.

I have now changed to user security for the time it takes - took me quite some time to figure out that no capital letters are allowed ....

 

 

/mnt/user0 is afaik the same as user and used internally if you have configured a cache disk.

 

I also use hidden shares for smb-extra.conf - I have my root share in there. Anybody know the securitysettings for this share (that allows access to averything and is not configurable in the webGUI)?

 

Guzzi

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.