nik82 Posted March 17, 2020 Share Posted March 17, 2020 (edited) Hi, We run a small unraid server at the office for our product photo shoots. We recently upgraded the server to version 6.8.3, after the update we lost permission to the output files of our docker pdf scanner docker - ocrmypdf-auto Today i solved this issue by running the Docker Safe New Perms from the tools section, this fixed the issue but now we are getting random access denied to our main SMB share from a windows machine. If I re-run the Docker Safe New Perms it temporarily works before one of the sub folders get the same access denied error, re running the Docker Safe New Perms fixes this again but will randomly give the same error on another sub folder after a few minutes. I tried running the New Permission selecting both our harddrives and the share folder, this gave the same temporary fix that later results in 1 or more folders getting access denied. UPDATE! - Anytime we write something to a folder in the share we get access denied when trying to access it after. So any new file creation or copy of a file to a folder on the share results in access denied when trying to access that folder later. I am a bit desperate and any help would be greatly appreciated Edited March 17, 2020 by nik82 Quote Link to comment
Frank1940 Posted March 17, 2020 Share Posted March 17, 2020 2 hours ago, nik82 said: pdf scanner docker - ocrmypdf-auto The owner and group for the files that it creates is probably set wrong in the setup of the Docker. It should be nobody for the owner and users for group. If it not obvious how to set these, you should be asking in the support thread for the Docker. Quote Link to comment
nik82 Posted March 17, 2020 Author Share Posted March 17, 2020 Thanks for getting back to me. The problem is that is is affecting folders that are not associated with the docker and when the docker is not used or started. The docker has a separate folder on the share Input and Output folder, these have not been used today and the docker was turned off, yet we keep getting random access denied on random sub folders of our main SMB share. Quote Link to comment
Frank1940 Posted March 17, 2020 Share Posted March 17, 2020 You are going to have to figure out what files you can't access and what put them onto the server. You should know what Plugins and Dockers are putting files there... Quote Link to comment
nik82 Posted March 17, 2020 Author Share Posted March 17, 2020 (edited) Hi I think you are misunderstanding my problem. Let me try to clarify. Our Normal SMB Share that we work from will work until we put any files on it. If we put a file in SMB SHARE -> SUB FOLDER1, as soon as the file is written we can no longer open SUB FOLDER1 as we get an access denied error. We can still access SUB FOLDER2, SUB FOLDER3 etc. If we save a file to SUB FOLDER2 the exact same thing happens, as soon as the file is saved, or if any file is copied we can no longer access SUB FILDER2. If i then run Docker Safe New Perms it will temporarily fix the problem until we write anything to any folder again. To clarify, we are NOT using a docker to write these files, we are saving them with Photoshop directly to the SMB Share, and the same thing happens if we just copy a file using windows. The system has been working flawlessly for over a year prior to this issue but it all starter after running - Docker Safe New Perms to fix the permission error we got from files that the docker ocrmypdf-auto was creating. And that bug began after updating unraid to the latest version. We have tried disabling the docker (Stopping it) but it does not fix the issue Edited March 17, 2020 by nik82 Quote Link to comment
Frank1940 Posted March 18, 2020 Share Posted March 18, 2020 I will tel you what you are going to have to do to begin to analyze this problem. On the Taskbar (just under the Banner) at the right side, Open a terminal session. It is the >_ icon. Now look at the screen capture below: Quick explanation. The d at the beginning of the permission means that the object is a directory. The - at the beginning means it is a file. There are now three blocks of rwx permisions, first is for owner, second is for group ant the third is for others. A - in any spot means that permission does not exist for that attribute! (Oh, the x stands for execute-- extensions have no meaning in Linux, you have to have explicitly set permission on a file to allow it to execute. If a directory does not have the execute bit set, you can not browse the contents!!!) You will have to navigate through your data files until you find something that does not exactly match the screen capture. Quick note: after you have entered a few commands, just hit the 'UP' and 'DOWN' arrow keys. With a command in place, try the right and left arrow keys. You will find that the shell has lot of editing 'features' built in to simplify your life! Remember that Google is your friend... Quote Link to comment
nik82 Posted March 18, 2020 Author Share Posted March 18, 2020 Thank you for your reply. quite note, disabling Cache drive on the share fixes the issue for some reason. With the cache drive disabled i ran your command and it resulted in the below with Nextcloud missing the RWX at the end drwxrwxrwx 1 nobody users 40 Mar 18 00:36 ./ drwxr-xr-x 7 root root 140 Mar 18 19:35 ../ drwxrwxrwx 1 nobody users 142 Feb 11 11:40 appdata/ drwxrwxrwx 1 nobody users 20 Jun 28 2019 domains/ drwxrwxrwx 1 nobody users 117 Jun 28 2019 isos/ drwxrwx--- 1 nobody users 189 Feb 13 17:02 nextcloud/ <----------------------------------------------- drwxrwxrwx 1 nobody users 26 May 4 2019 system/ drwxrwxrwx+ 1 nobody users 4096 Mar 17 15:18 unraid/ Quote Link to comment
Frank1940 Posted March 19, 2020 Share Posted March 19, 2020 On 3/17/2020 at 9:38 AM, nik82 said: UPDATE! - Anytime we write something to a folder in the share we get access denied when trying to access it after. So any new file creation or copy of a file to a folder on the share results in access denied when trying to access that folder later. Is this true for every computer on your network? Is there a Docker or Plugin that could be involved? 7 hours ago, nik82 said: drwxrwx--- 1 nobody users 189 Feb 13 17:02 nextcloud/ <----------------------------------------------- So the question you have to ask is "What exactly is doing the writing to these folders which is causing the permissions to get changed?" I know of no way that a Windows computer can do this by writing using SMB! Do you have any computers that are making a connection via NFS? (And I am not sure that NFS could be able to make this type of change...) Quote Link to comment
ax77 Posted June 1, 2020 Share Posted June 1, 2020 Did you ever fix this issue? I've been having this same issue for some time now. I lose write permissions after writing a file. If I run the mover it temporarily fixes it until the next write. Once I disable cache drive it works fine. Any help would be appreciated. I've attached my diagnostics zip tower-diagnostics-20200601-0819.zip Quote Link to comment
FelixTheEpic Posted July 23, 2020 Share Posted July 23, 2020 Did anyone find a root cause and/or solution for this? Mine is a little different but sounds very similar in that I would guess its more to do with a user group issue. In my situation, I have a torrent-downloader with uid=99 and gid=100 that is creating folders/files with the drwxrwx--- permissions. Looks good because I am attempting to access from a user in the same "users" group (gid=100).. but I cannot access. I have tried from both Win10 and Ubuntu with no success. Mapping to the /docker_downloads folder or to a "root folder" and signing in with the user2 name/pass makes no difference. I created another user, ensured it also was in gid=100 (it could not access), chown to the new user, but still cannot access from other users in the same group. I ran the commands below to see the user/folder settings and it looks like it should work correct? root@Tower:~# id nobody uid=99(nobody) gid=100(users) groups=100(users) root@Tower:~# id user2 uid=1001(user2) gid=100(users) groups=100(users) root@Tower:~# ls -al /mnt/user/docker_downloads/ total 0 drwxrwxrwx+ 1 nobody users 28 Jul 23 13:55 ./ drwxrwxrwx+ 1 nobody users 76 Jul 22 13:37 ../ drwxrwxrwx+ 1 nobody users 122 Jun 1 14:00 xxxxx/ drwxrwxrwx+ 1 nobody users 266 Jul 23 13:31 xxxxxxxxxx/ drwxrwxrwx 1 nobody users 70 May 26 19:25 xxxxxx/ drwxrwxrwx 1 nobody users 796 Jul 10 12:25 xxxxxx/ drwxrwxrwx+ 1 nobody users 10 Jul 18 07:53 xxxxxx/ drwxrwx---+ 1 nobody users 244 Jul 23 11:29 test/ drwxrwxrwx 1 nobody users 176 Jul 2 12:07 xx-xxxxxx/ root@Tower:~# groups nobody nobody : users root@Tower:~# groups user2 user2 : users Quote Link to comment
ax77 Posted July 25, 2020 Share Posted July 25, 2020 On 7/23/2020 at 12:48 PM, FelixTheEpic said: Did anyone find a root cause and/or solution for this? Mine is a little different but sounds very similar in that I would guess its more to do with a user group issue. In my situation, I have a torrent-downloader with uid=99 and gid=100 that is creating folders/files with the drwxrwx--- permissions. Looks good because I am attempting to access from a user in the same "users" group (gid=100).. but I cannot access. I have tried from both Win10 and Ubuntu with no success. Mapping to the /docker_downloads folder or to a "root folder" and signing in with the user2 name/pass makes no difference. I created another user, ensured it also was in gid=100 (it could not access), chown to the new user, but still cannot access from other users in the same group. I ran the commands below to see the user/folder settings and it looks like it should work correct? root@Tower:~# id nobody uid=99(nobody) gid=100(users) groups=100(users) root@Tower:~# id user2 uid=1001(user2) gid=100(users) groups=100(users) root@Tower:~# ls -al /mnt/user/docker_downloads/ total 0 drwxrwxrwx+ 1 nobody users 28 Jul 23 13:55 ./ drwxrwxrwx+ 1 nobody users 76 Jul 22 13:37 ../ drwxrwxrwx+ 1 nobody users 122 Jun 1 14:00 xxxxx/ drwxrwxrwx+ 1 nobody users 266 Jul 23 13:31 xxxxxxxxxx/ drwxrwxrwx 1 nobody users 70 May 26 19:25 xxxxxx/ drwxrwxrwx 1 nobody users 796 Jul 10 12:25 xxxxxx/ drwxrwxrwx+ 1 nobody users 10 Jul 18 07:53 xxxxxx/ drwxrwx---+ 1 nobody users 244 Jul 23 11:29 test/ drwxrwxrwx 1 nobody users 176 Jul 2 12:07 xx-xxxxxx/ root@Tower:~# groups nobody nobody : users root@Tower:~# groups user2 user2 : users never found the root cause but with the help of another member I was able to remove ACL rules from the affected shares/directories. see here 1 Quote Link to comment
TallMan206 Posted February 21, 2021 Share Posted February 21, 2021 I also have this EXACT same issue. I am browsing through folder on my Unraid NAS and at the next moment I cannot access that very same folder anymore. This while just browsing. Folders and files change to permissions 644 and I have to go to the command line of Unraid to put the folder back to 777 permissions. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.