Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Recycle Bin Share Access and Permissions Question and Concerns

Featured Replies

I'm not sure if this is the correct place to post this, but move it if I'm in the wrong place.

 

I am reviving an old V5 recycle bin plugin that was originally done by Influencer.  It is basically a webgui for the built in vfs recycle module of samba.  I have it working and I use a hidden share named .Recycle.Bin for the deleted files.  This should technically end up being a hidden share.

 

Here is the section added to the smb-extra.conf file to specify the vfs recycle operation:

#Recycle bin share
[RecycleBin]
path = /mnt/user/.Recycle.Bin
read only = No

[global]
vfs objects = recycle
   recycle:repository = /mnt/user/.Recycle.Bin/%S
   recycle:directory_mode = 0777
   recycle:keeptree = Yes
   recycle:touch = Yes
   recycle:touch_mtime = Yes
   recycle:versions = Yes
   recycle:exclude = *.tmp   
   recycle:exclude_dir = .Recycle.Bin
acl allow execute always = yes

 

My concerns are:

  • The .Recycle.Bin share is visible in unRAID as "RecycleBin" when browsing in Windows and not hidden to Windows computers.  It should be hidden.  Can I control this by any settings?
  • What permissions do the deleted files have and how do we protect a file being deleted by one user being accessible by another user?
  • Is there a way for an administrator to control access to the recycle bin?

 

What I think should be happening:

  • The "RecycleBin" should be hidden.
  • Access to the "RecycleBin" should be controlled by the administrator and/or limited by user.

  • Author

I got my answer on the hiding the share.  It is a smb-extra setting:

 

browseable - No

 

Edit: I would honestly think the default operation for the vfs recycle should be a hidden share.

  • Author

I have been able to sort this out for myself by settings in the smb-extra.conf file that give me the control that I want.

  • Author

I also figured out that there is a way to add users.  The 'admin users ='.  You can then add additional admin users to those allowed to access the recycle bin.

 

User "admin" is always allowed access.

It doesn't make sense to limit what users can manipulate files in the samba recycle bin.  That is, if a user has write access to the share, why not have access to recycle bin of that share?  You are not understanding the concept of 'users' in unRaid.

  • Author

It doesn't make sense to limit what users can manipulate files in the samba recycle bin.

 

I know, but with the global settings I can't figure out how to do a per share recycle bin.  I believe a per share recycle bin would have to be set up in samba-shares.conf, which I can't manipulate.

 

That is, if a user has write access to the share, why not have access to recycle bin of that share?

 

Ok.  Tell me how to do that in samba-extra.conf.

 

You are not understanding the concept of 'users' in unRaid.

 

I fully understand the concept of 'users' in unRAID.  What I don't understand is samba.  My OP was to try to sort out how to do a per user recycle bin, security, etc.  All I can seem to get is admin access to specified users on a global basis.

 

So if my understanding is so bad, how about you give me the smb-extra.conf settings to do a per share recycle bin?

 

I really don't appreciate the comment that I don't understand the "concept of 'users' in unRAID" when I am trying to reach out and get some help on how to do security and implement the recycle bin.

 

I have invested a lot of time in this effort, at a pretty miserable compensation (like zero) and i get a comment that I don't understand 'users' in unRAID.  Really Tom!

 

If my efforts are all that poor, please do a pull from my repository and implement this feature yourself.

It doesn't make sense to limit what users can manipulate files in the samba recycle bin.

 

I know, but with the global settings I can't figure out how to do a per share recycle bin.  I believe a per share recycle bin would have to be set up in samba-shares.conf, which I can't manipulate.

 

That is, if a user has write access to the share, why not have access to recycle bin of that share?

 

Ok.  Tell me how to do that in samba-extra.conf.

 

You are not understanding the concept of 'users' in unRaid.

 

I fully understand the concept of 'users' in unRAID.  What I don't understand is samba.  My OP was to try to sort out how to do a per user recycle bin, security, etc.  All I can seem to get is admin access to specified users on a global basis.

 

So if my understanding is so bad, how about you give me the smb-extra.conf settings to do a per share recycle bin?

You didn't ask me to test that for you.

 

I really don't appreciate the comment that I don't understand the "concept of 'users' in unRAID" when I am trying to reach out and get some help on how to do security and implement the recycle bin.

 

I have invested a lot of time in this effort, at a pretty miserable compensation (like zero) and i get a comment that I don't understand 'users' in unRAID.  Really Tom!

 

If my efforts are all that poor, please do a pull from my repository and implement this feature yourself.

 

Look man, no disrespect intended, and I take no offence at your attempt to 'strike back'.

 

Getting back to the subject you asked about: I thought you could add per-share sections in smb-extra.conf and it would augment the list of vars for that share later included by smb-shares.conf.  In doing some simple tests that appears to not be the case.  So I was wrong about that assumption and I don't mind admitting I'm wrong, nothing personal.

 

Another approach would be to hook into the 'svcs_restarted' event and use sed or something to augment the var list for specific shares that are enabled for having a recycle bin.  If that proves to be pain-in-the-neck, how about I do something like this: for each share add an "include /boot/config/shares/<share-name>.conf" line.  This way you can change whatever you want on a per-share basis.

What if you add another reference to an include file in /etc/samba/samba.conf, similar to what is done for user and disk shares (smb-shares.conf)?

 

This would allow the plugin to build its own conf file with specific settings for each share.

 

The /etc/samba/smb.conf file today looks like this:

 

[global]
        # configurable identification
        include = /etc/samba/smb-names.conf

        # log stuff only to syslog
        log level = 0
        syslog = 0
        syslog only = Yes

        # we don't do printers
        show add printer wizard = No
        disable spoolss = Yes
        load printers = No
        printing = bsd
        printcap name = /dev/null

        # misc.
        invalid users = root
        unix extensions = No
        wide links = Yes
        use sendfile = Yes
        aio read size = 0
        aio write size = 0

        # ease upgrades from Samba 3.6
        acl allow execute always = Yes

        # hook for user-defined samba config
        include = /boot/config/smb-extra.conf

        # auto-configured shares
        include = /etc/samba/smb-shares.conf

 

I could change to this:

 

[global]
        # configurable identification
        include = /etc/samba/smb-names.conf

        # log stuff only to syslog
        log level = 0
        syslog = 0
        syslog only = Yes

        # we don't do printers
        show add printer wizard = No
        disable spoolss = Yes
        load printers = No
        printing = bsd
        printcap name = /dev/null

        # misc.
        invalid users = root
        unix extensions = No
        wide links = Yes
        use sendfile = Yes
        aio read size = 0
        aio write size = 0

        # ease upgrades from Samba 3.6
        acl allow execute always = Yes

        # hook for user-defined global samba config
        include = /boot/config/smb-extra.conf

        # auto-configured shares
        include = /etc/samba/smb-shares.conf

        # hook for user-defined per-share samba config
        include = /boot/config/smb-extra2.conf

 

I believe it *does* work to have extra [share-name] parameters in there at that point.

 

[i'm actually out of the office today and it's not easy for me to test this, but someone could set this up exactly as above and test.]

  • Author

I appreciate the responses, but I have found an incredibly simple answer that looks like it will do a per share recycle bin.  I am basically faking out vfs recycle to do that for me in smb-extra.conf.

 

Adding a per share to the smb-extra.conf does not work.  It overwrites the other share settings.

 

Messing with smb.conf is not what I consider a good approach.  I don't want to walk through each share and apply settings.  I rather prefer the global approach.

 

Tom, I am not one to start flaming.  I learned a long time ago that it is best to stop a discussion when it gets to that point, but telling me I don't understand unRAID 'users' is not conducive to this discussion when the issue is not my understanding of 'users', but samba.  And, yes it rather pissed me off.  Enough said.

 

You should probably delete this thread or I will.  There is nothing of value here.

I appreciate the responses, but I have found an incredibly simple answer that looks like it will do a per share recycle bin.  I am basically faking out vfs recycle to do that for me in smb-extra.conf.

I'd like to see what you have in mind.

 

Adding a per share to the smb-extra.conf does not work.  It overwrites the other share settings.

As I indicated above.

 

Messing with smb.conf is not what I consider a good approach.  I don't want to walk through each share and apply settings.  I rather prefer the global approach.

That's what I meant above by "pain-in-the-neck" which is why I proposed a per-share include file or another single include file that gets read after share config is set.  Figuring out the best approach is the point of this discussion and this board.  It's not good enough to hack a solution that simply "works" - it should also work "well".

 

Tom, I am not one to start flaming.

Then why did you start?  and why continue this?  Get over it.

 

I learned a long time ago that it is best to stop a discussion when it gets to that point, but telling me I don't understand unRAID 'users' is not conducive to this discussion when the issue is not my understanding of 'users', but samba.  And, yes it rather pissed me off.  Enough said.

Whatever man.  If that kind of thing gets under your skin, how do you expect to hash out design decisions?  Look I appreciate all your contributions, but this particular board is for developers to discuss code and code design.  You have to expect there will be misunderstandings.

 

You should probably delete this thread or I will.  There is nothing of value here.

You are free to delete your posts any time.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.