Cant Access CIFS Share on Ubuntu

Status
Not open for further replies.
N

NightNetworks

Explorer
Joined
Sep 6, 2015
Messages
61
So as the title suggests I am having some issues mounting one of my CIFS shares on Ubuntu.

I have a CIFS share called "OwnCloud" that has been configured as follows...
  • FreeNAS Configuration
    • Owner >> sv-backup01
    • Owner Group >> Backupusers
    • Permission Type >> Windows
  • Share Permissions (configured from windows PC)
    • Owncloud (freenas user) >> Full Control
    • BackupUsers (freenas group) >> Full Control
  • File Permissions (configured from windows PC)
    • Owncloud (freenas user) >> Full Control
    • BackupUsers (freenas group) >> Full Control
Going by this above config any member of the BackupUsers group should have full access to the "OwnCloud" CIFS share along with the OwnCloud user. I have confirmed from a Windows PC that the share/file permissions do in fact work as expected.

The Problem...
I am using Ubuntu 16.04.1 and I am adding the following line of code to the /etc/fstab file which should result in permanently mounting the above OwnCloud CIFS share. (yes before someone says anything I know that its a bad idea to store the password like this)

//freenas/OwnCloud /media/windowsshare cifs username=owncloud,password=password,iocharset=utf8,sec=ntlm 0 0

Issue is that when I attempt to access the mounted location I receive an error indicating that access is denied... What is odd is if I set the "Everyone" group to have full control at the file level then everything works... However I do need to restrict access to this directory so that is really not an option for me.

Any ideas as to why this is not working?

Thanks!
 
SweetAndLow

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
Try mounting by hand and see what happens. You are also going to need to add a user and group flag to your mount options.

Sent from my Nexus 5X using Tapatalk
 
N

NightNetworks

Explorer
Joined
Sep 6, 2015
Messages
61
What do you mean by user and group flag?

I may just go with an NFS share for this one PC as that seems to work without issue. As long as I set all users to have the same rights as "root" and then I restricted access to the NFS share by IP address, so that still keeps it secure. All while still allowing Windows PC to access it via CIFS with the correct permissions as well. Thoughts?

Thanks!
 
SweetAndLow

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
6,421
mount -t cifs -o username=owncloud,password=password,iocharset=utf8,uid=1001,gid=1001 \\\\FreeNAS/OwnCloud /medi/windowsshare

something like this should mount things correctly(syntax is probably wrong, I'm just doing this off the top of my head) and give you the permissions of the uid and gid you pass. The auth over cifs doesn't grant authorization it just grants you authentication.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
A few thoughts:

  • Try increasing logging verbosity in samba, then review /var/log/samba4/log.smbd to figure out what exactly is going on when you get the "access denied" message.
  • Set permissions with "everyone" = "full control", authenticate, then type smbstatus on the freenas server and see what username is being used to authenticate. Post output here.
  • Post contents of /usr/local/etc/smb4.conf
  • Post output of getfacl <path/to/share> ie "getfacl /mnt/Tank/Share"
  • Post ZFS aclmode setting for the dataset you're sharing. zfs get aclmode zpool/dataset i.e. zfs get aclmode Tank/Share
  • Post output of net usersidlist.
 
N

NightNetworks

Explorer
Joined
Sep 6, 2015
Messages
61
SweetAndLow said:
mount -t cifs -o username=owncloud,password=password,iocharset=utf8,uid=1001,gid=1001 \\\\FreeNAS/OwnCloud /medi/windowsshare

something like this should mount things correctly(syntax is probably wrong, I'm just doing this off the top of my head) and give you the permissions of the uid and gid you pass. The auth over cifs doesn't grant authorization it just grants you authentication.
Click to expand...

Didnt work... but thanks!
 
N

NightNetworks

Explorer
Joined
Sep 6, 2015
Messages
61
anodos said:
A few thoughts:

  • Try increasing logging verbosity in samba, then review /var/log/samba4/log.smbd to figure out what exactly is going on when you get the "access denied" message.
  • Set permissions with "everyone" = "full control", authenticate, then type smbstatus on the FreeNAS server and see what username is being used to authenticate. Post output here.
  • Post contents of /usr/local/etc/smb4.conf
  • Post output of getfacl <path/to/share> ie "getfacl /mnt/Tank/Share"
  • Post ZFS aclmode setting for the dataset you're sharing. zfs get aclmode zpool/dataset i.e. zfs get aclmode Tank/Share
  • Post output of net usersidlist.
Click to expand...

1. Not sure how to increase the logging, but the exact error that I am getting is as follows. "This location could not be displayed. You do not have the permissions necessary to view the contents of "OwnCloud"."

2. I originally thought that when I added the group "everyone" to the share that it worked correctly... However testing again this afternoon shows that even with the "everyone" group added back on there that while I can read files that are located on the share I can not add/delete files. Anyway here is the output of "smbstatus"....

[root@freenas ~]# smbstatus

Samba version 4.3.6-GIT-UNKNOWN
PID Username Group Machine Protocol Version
------------------------------------------------------------------------------
8124 owncloud AllUsers cloud.nightnetworks.com (ipv4:192.168.4.6:40176) NT1
5253 jcodispoti AllUsers Jason-Desktop.nightnetworks (ipv4:192.168.1.28:51657) SMB2_10

Service pid machine Connected at
-------------------------------------------------------
Media00 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016
User Files 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016
Data 8124 cloud.nightnetworks.com Mon Dec 12 20:57:53 2016
Media03 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016
IPC$ 8124 cloud.nightnetworks.com Mon Dec 12 20:57:53 2016
GoPro Video 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016
Media02 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016
Public 5253 Jason-Desktop.nightnetworks Mon Dec 12 20:13:14 2016

Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
5253 1020 DENY_NONE 0x80 RDONLY NONE /mnt/Data/Public . Mon Dec 12 20:15:17 2016
5253 1020 DENY_NONE 0x80 RDONLY NONE /mnt/Data/Media03 . Mon Dec 12 20:15:17 2016
5253 1020 DENY_NONE 0x80 RDONLY NONE /mnt/Data/Media00 . Mon Dec 12 20:15:17 2016
5253 1020 DENY_NONE 0x80 RDONLY NONE /mnt/Data/Media02 . Mon Dec 12 20:15:17 2016
5253 1020 DENY_NONE 0x80 RDONLY NONE /mnt/Data/GoPro Video . Mon Dec 12 20:15:17 2016

3. Ran "/usr/local/etc/smb4.conf" on both the freenas and Ubuntu install both came back with no such file or directory.

4. Here is the output of "getfacl <path/to/share>"

[root@freenas ~]# getfacl /mnt/Data/OwnCloud
# file: /mnt/Data/OwnCloud
# owner: sv-backup01
# group: BackupUsers
group@:rwxpDdaARWcCo-:fd----:allow
user:owncloud:rwxpDdaARWcCo-:fd----:allow
everyone@:rwxpDdaARWcCo-:fd----:allow

5. Here is the output of "zfs get aclmode Data/OwnCloud"

[root@freenas ~]# zfs get aclmode Data/OwnCloud
NAME PROPERTY VALUE SOURCE
Data/OwnCloud aclmode restricted local

6. Ran "net usersidlist" on both the freenas and Ubuntu install both came back with invalid command.
 
Status
Not open for further replies.

Similar threads

M
  • Locked
CIFS SHARING, USER PERMISSIONS DON'T WORK CORRECTLY
Replies
6
Views
4K
Mike77
M
C
  • Locked
Owncloud Server CIFS crashes FreeNAS
Replies
2
Views
949
depasseg
depasseg
L
smb Permission denied/access is denied
Replies
0
Views
1K
Loren Zimmer
L
E
  • Locked
Some accounts have "Access is denied" error for CIFS shares
Replies
5
Views
4K
engphys
E
D
  • Locked
Owncloud access cifs
Replies
2
Views
2K
DrewS
D
Top