Cannot chmod NFS: Operation not permitted

[medicineman25]

I am running up the following wikijs stack inside portainer:

Code:

version: '2'
services:
  db:
    image: postgres:11-alpine
    environment:
      POSTGRES_DB: wiki
      POSTGRES_PASSWORD: <pass>
      POSTGRES_USER: <user>
    logging:
      driver: "none"
    restart: unless-stopped
    volumes:
      - type: volume
        source: db-data
        target: /var/lib/postgresql/data
        volume:
          nocopy: true


  wiki:
    image: requarks/wiki:2
    depends_on:
      - db
    environment:
      DB_TYPE: postgres
      DB_HOST: db
      DB_PORT: 5432
      DB_USER: <user>
      DB_PASS: <pass>
      DB_NAME: wiki
    restart: unless-stopped
    ports:
      - "3030:3000"


volumes:
  db-data:

Have an NFS share with the following options:

NFS Share:
- share: /mnt/Media/nfs
- All dirs
- Enabled
- Mapall User: nfs
- Networks: 10.0.20.90


'nfs' User:
- RWX on /mnt/Media/nfs


NFS Service:
- Allow non-root mount
- Enable NFSv4
- NFSv3 ownership model for NFSv4


I am trying to alter the wikijs content directory so that it writes back to my NFS share. If I open the wikijs-wiki-1 container (in Portainer), click Edit/Duplicate and alter the volume to a previously created NFS volume, it will output the following error:

Failure
failed to chmod on /var/lib/docker/volumes/wikijs_content/_data: chmod /var/lib/docker/volumes/wikijs_content/_data: operation not permitted

I have tried:

- making the nfs chmod 755, 775, 777
- Mapall User to wikijs and nfs user + chown the folder to wikijs and nfs group/user
- screaming into a fucking pillow and setting fire to my mattress

It should be noted that an organizr container, using the same nfs, is perfectly capable of switching over to use this data point.

NOTE: I've also posted a ticket to portainer github

 

[anodos]

Set the zfs aclmode on the dataset in question to "passthrough".

 

[medicineman25]

Set the zfs aclmode on the dataset in question to "passthrough".

Thank you @anados, it turns out I had made a serious boo-boo and setup a root dataset. Silly me.

Once that was sorted, to get this working I also had to set no_root_squash on the share by setting Maproot group & user to wheel and root.

 

[alignedfibers]

Thank you @anados, it turns out I had made a serious boo-boo and setup a root dataset. Silly me.

Once that was sorted, to get this working I also had to set no_root_squash on the share by setting Maproot group & user to wheel and root.

Instantly fixed my issue. This one sentence was worth at least 1-2 hours of very determined troubleshooting.