Read/Write access denied with mounted drives?

finch_6
Sorry for the late attention. I opened an issue about it on Github to force a solution in v6.15 release, or at least to find a workaround for your case to apply: https://github.com/Fourdee/DietPi/issues/2067

I never really used network drives, so can just guess what could be a reason that your chown/chmod attempts failed:

  • Can you check if the file system of the Samba server actually supports permissions? E.g. usual Windows file systems NTFS and FAT do not support the POSIX permissions that you apply on Linux systems via chown/chmod. An NTFS drive directly attached to a Linux system at least does not support it. I am now not sure, how this is handled in case of network drives, but it makes sense that it is the same there.
  • A thinkable solution, that goes hand in hand with the case, that ls -al actually shows root:root and 755 permissions, is that somehow by the mount driver just Samba client side, permissions are applied. Possibly one can change those permissions via some Samba/mount settings. In this case we would need to change the permissions client-side to dietpi:dietpi 775 (or 770), which would allow read/write access for Sonarr and other software.

About what changed with v6.12:

  • For security and consistency reasons we switched several software titles to run not as root user any more, but as an own user. E.g. Sonarr now runs as user sonarr, with limited access to the /mnt/dietpi_userdata directory and it’s own install, config and data directories of course.
  • We solved cross access (Media players => downloader directories, downloaders => network share (Server!) dirs and such) via dietpi user group. Sonarr runs as dietpi group (sonarr:dietpi) which allows read/write access to shares, download and media dirs etc.
  • But to be true, we did not yet think about network mounts, just about cases where the DietPi system is network share server :roll_eyes:. And if permissions cannot be applied, this is a further difficulty, as above.

Hi,

I don’t believe Samba supports setting file/folder permissions, as the permissions used are set during the mount, as defined by the server:
https://github.com/Fourdee/DietPi/issues/2067#issuecomment-420568750

i"m having the exact same issue with a mounted Samba share, from the terminal i can create folders etc. but none of the services i installed (sonarr, radarr, sabnzbdplus) are able to create files on the /mnt/share i tried to play with some setting withing the /etc/fstab file but so far no luck , is there a way to change the users these services are running on?

Updated to v6.15 yesterday and still no joy with this…?

Still getting the same error…


MichaIng, Im busy working on answers to your questions :rofl: :rofl:
Im not a boffin with this stuff, just know enough to get by…

Seems this all started when the permissions where changed from root to sonarr… wish it was just as easy as changing back…

:thinking: :thinking: :thinking:

MichaIng, Fourdee,

Since this wasn’t resolved in v6.15, is there any way to “roll back” to a version of DietPi that didn’t have this issue??
At least until it is resolved???

Im all for having the latest version of any software (even test builds), but this is one I’d rather go back to an older version until its fixed…

Hi,

Unfortunately, it is not possible to roll back to a previous DietPi version, unless you have a DietPi-Backup of the system, which can be used to restore.

I’ll run some local testing in regards to trying to find a solution for samba as userdata folder, with non-root account access.
https://github.com/Fourdee/DietPi/issues/2067#issuecomment-421752937

Failing the above, i’ll give you information in regards to setting the run-level user for those applications to root (which will make some “security” aware users cry :slight_smile:)

Hi Fourdee,

Thanks for the reply. I look forward to any solution possible, thank you!!

finch_6 Fourdee
I found a solution :sunglasses::

sed -i 's/,iocharset=utf8,vers=/,iocharset=utf8,uid=dietpi,gid=dietpi,file_mode=0770,dir_mode=0770,vers=/g' /etc/fstab
umount /mnt/samba
mount -a
ls -al /mnt/samba

NB: Replace /mnt/samba with the actual mount location.
The above sets user (uid) and group (gid), as well as global file and directory permissions for the whole samba share.
dietpi:dietpi 770 should allow r/w access for Sonarr and such, as these software titles run as their own user, but as dietpi group.
umount and remount is needed to apply the changes, then check via ls -al.
Somehow external guides mention that as well Samba server side there need to be changes done, but it worked here to create a totally new user, set it as uid+gid, remount and access + create files with this user within the mount.

Fourdee
I think we should set this as default for samba mounts, to allow access for our download and media software?
I am going to find out how to achieve the same for nfs mounts.

Cool…so mounting it with the file_mode=0770,dir_mode=0770 sets it for read/write by non-root users?

Glad you guys showed up…I was at a complete loss

1 Like

MichaIng,

You are a super star! Thanks so much!! Worked perfectly. Back to a working setup again :slight_smile: :slight_smile:


Also a huge thank you to you WarHawk for your help…


Failing the above, i’ll give you information in regards to setting the run-level user for those applications to root (which will make some “security” aware users cry > :slight_smile:> )

Thanks Fourdee for having the work around on standby!!

It allows r/w access for all users of the dietpi group, which includes all the software run users that we recently switched from root to their own separate ones for security reasons.

To allow r/w for really all users, 0777 modes would be needed, but this would break the security efforts :wink:.

Glad it works now. We will implement this as default for samba mounts via dietpi drive manager.

For those who use NFS mounts:
As long as the nfs servers file system supports permissions, you can apply them as usual via chown/chmod on server and client vice versa. I am going to test how to solve it, if the server does not support permissions.

I’m having the same issue and i have spent 10+hours over the last few days trying to get this sorted.
Had 6.14 everything was working as it should, updated to 6.16 and everything stopped working and i mean EVERYTHING. Dietpi wasn’t even loading after the update. Reinstalled Dietpi onto my Odroid C2, it auto updated to 6.16 and then install all my programs again. Orginally i had plex.cred and this is how my fstab has been and working without issues before update.
#Please use DietPi-Drive_Manager to setup network mounts
//192.168.XX.XXX/video /mnt/samba cifs auto,defaults,nofail,credentials=/etc/plex.cred,uid=plex 0 0
//192.168.XX.XXX/music /mnt/samba_2 cifs auto,defaults,nofail,credentials=/etc/plex.cred,uid=plex 0 0
//192.168.XX.XXX/photo /mnt/samba_3 cifs auto,defaults,nofail,credentials=/etc/plex.cred,uid=plex 0 0

all 3 folders worked with qbittorrent, sonarr and Plex, mounts are on a synology NAS 6.14 i had to create a plex user to get it working. Sonarr and Qbittorrent ran without issue.

Installed 6.16 tried adding a new series then the problems started with Qbit starting D/L and then stopping them or running at 800bps - 1Kbps or not downloading at all and Sonarr would not rename files. Diving deeper it said not access to folder, added download station to the downloads client and ran full speed and downloaded files, however Sonarr couldn’t move them.

I have tried setting up a new sonaar user in Synology Nas and giving it all the permissions the same as Plex but no luck. I have tried new permissions and changing permissions both in webmin and nas and still would not work. Changed folders to windows ACL still not accessed via Dietpi side. Made new folder on the NAS and moved Tv Shows to this new folder and still no go. Changed on dietpi side to dietpi:dietpi 0777,0775,0755 changed to plex:dietpi and still nothing. Also have tried changing the 0770 now on the mounts and nothing is changing anymore, staying at 0777.

Installed Sonarr on synology gave Sonarr sc-nzbdrone permission to the folder and boom everything working again as it should via the NAS side. There is something that has changed in Dietpi that is not working since the change.

I’m lazy and went back to running as root. NFS share doesn’t allow client side uid/gid settings.

In /etc/systemd/system/sonarr.service comment out the User and Group lines:

[Unit]
Description=Sonarr (NzbDrone) Daemon
After=network.target

[Service]
#User=sonarr
#Group=dietpi
Type=simple
ExecStart=/usr/bin/mono -O=-aot /opt/NzbDrone/NzbDrone.exe -nobrowser -data=/mnt/dietpi_userdata/sonarr

[Install]
WantedBy=multi-user.target

Reload the service settings:

systemctl daemon-reload

Restart the service:

service sonarr restart

Man, thanks so much for this answer this was an issue that I’ve been having for a couple years now and I could never figure it out. Finally saw this and it worked right away.

Merry Christmas!

Great!!!

Can’t wait for the solution for the NFS mount also and finally be able to use my Synology NAS as a persistent NFS storage share for my RPI Docker Swarm !!

Thanks for all the efforts!!!

Hi,

there is no problem to use your Synology as NFS Server together with DietPi. You can mount the NFS share using dietpi-drive_manager

MichaIng

Just a heads up, this seems to have crept in again…

Everytime we have a power cut and the pi boots up again, the mounted smb drives are gone… They have to be re added again…

Can you check journalctl to see where those drives are tried to be mounted at boot, which hopefully shows a related error message?

are the mounts persist an regular reboots?

MichaIng Joulinar - I’m so sorry, I posted this in the wrong topic… :man_facepalming:t3:
What a noob…!!

Was meant to be in Samba Share doesn’t mount after “reboot”.

Will post there now…