Can't copy read only files to TrueNAS

T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
I am trying to move my windows shares to TrueNAS via SMB share but some of the files are read only and the copy fails with permission denied. I used the restricted preset and my group and user are both set to Full Control. Sure I can remove the read only flag and copy them but I know if I have copies that fail just because a file is set to read only then this means some people using the share are going to complain about the error or worse they are not going to have their files backed up and will risk losing their data. If I can't resolve this then I will have to go back to Windows Server for the shares. Can anyone offer a solution?
 
sretalla

sretalla

Powered by Neutrality
Moderator
Joined
Jan 1, 2016
Messages
9,703
tony95 said:
the copy fails with permission denied
Click to expand...
How exactly are you doing that... it's probably an issue with the method, not the share.
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
sretalla said:
How exactly are you doing that... it's probably an issue with the method, not the share.
Click to expand...
I doubt it. All the other files copy fine. I am just copying from the windows share to the TrueNAS share. Even if I copy to my local hard drive and try to copy to the TrueNAS share it gives me the same error "you need permission to perform this action".
 
sretalla

sretalla

Powered by Neutrality
Moderator
Joined
Jan 1, 2016
Messages
9,703
I'll ask the question again...

tony95 said:
try to copy to the TrueNAS share it gives me the same error "you need permission to perform this action"
Click to expand...
Exactly what are you doing when you say "copy"?
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
I just tested it with my home TrueNAS server and it works fine.
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
sretalla said:
I'll ask the question again...


Exactly what are you doing when you say "copy"?
Click to expand...
Not sure what you are asking then. Right click copy then right click paste? Drag drop from my hard drive to the SMB share on TrueNAS, same difference I believe?
 
winnielinnie

winnielinnie

MVP
Joined
Oct 22, 2019
Messages
3,641
"Read-only" files that are saved locally on your Windows drive cannot be copied to the SMB network share? Yet they can be copied to another local folder on the Windows drive?

What about trying to copy said files to a different external drive?
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
winnielinnie said:
"Read-only" files that are saved locally on your Windows drive cannot be copied to the SMB network share? Yet they can be copied to another local folder on the Windows drive?

What about trying to copy said files to a different external drive?
Click to expand...
There was a bug regarding copies of local readonly files (DOS bit) that had alternate data streams present. Scheduled to be fixed in 13.1 / 23.10.2 / 24.04-RC1.
 
winnielinnie

winnielinnie

MVP
Joined
Oct 22, 2019
Messages
3,641
Is it possible to bypass this in the meantime if you disable Alternate Data Streams in the SMB share's configuration?
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
winnielinnie said:
"Read-only" files that are saved locally on your Windows drive cannot be copied to the SMB network share? Yet they can be copied to another local folder on the Windows drive?

What about trying to copy said files to a different external drive?
Click to expand...
Yes, they can be copied anywhere but the TrueNAS share. It is very strange. I can mark another file on my PC read only and copy it to the TrueNAS share no problem. But the files on the old Windows Share that were read only won't copy until I remove the read only flag. So I have a png that already exists on my PC and if I mark it read only it copies to the TrueNAS share without a problem, but the file that was previously on the old Windows Share won't copy to TrueNAS until I remove the read only flag. This is bizarre because looking at the security permissions and owner on the two file they appear to be identical.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
tony95 said:
Yes, they can be copied anywhere but the TrueNAS share. It is very strange. I can mark another file on my PC read only and copy it to the TrueNAS share no problem. But the files on the old Windows Share that were read only won't copy until I remove the read only flag. So I have a png that already exists on my PC and if I mark it read only it copies to the TrueNAS share without a problem, but the file that was previously on the old Windows Share won't copy to TrueNAS until I remove the read only flag. This is bizarre because looking at the security permissions and owner on the two file they appear to be identical.
Click to expand...

It's because of the way that the files are opened. The client requests to
1. open a file
2. set it read-only
3. write data
4. alternate data streams

3. succeeds because we re-use same file open file descriptor.
4 fails in 13.0 (Samba 4.15) because we open new fd (which forces evaluation of readonly bit at that point) and in later versions because of internal ZFS permission check on xattr writes.
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
winnielinnie said:
Is it possible to bypass this in the meantime if you disable Alternate Data Streams in the SMB share's configuration?
Click to expand...
Hmmm, I had to recreate the share to do this. I don't think this is the best way to handle it. These PNG file might be rare cases and most users here probably aren't going to have an issue. I am wondering if they were created on a MAC which would be rare since no computer in the office is a MAC and it would have probably come from outside. Since I can copy a read only file from my own computer then maybe this issue will never come up again.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
tony95 said:
Hmmm, I had to recreate the share to do this. I don't think this is the best way to handle it. These PNG file might be rare cases and most users here probably aren't going to have an issue. I am wondering if they were created on a MAC which would be rare since no computer in the office is a MAC and it would have probably come from outside. Since I can copy a read only file from my own computer then maybe this issue will never come up again.
Click to expand...
Typically windows clients will store zone identifier information. MacOS clients can store mac equivalent of that, finder color tags, preview images, etc, etc.

learn.microsoft.com

[MS-FSCC]: Zone.Identifier Stream Name

Windows Internet Explorer uses the stream name Zone.Identifier for storage of URL security zones. The fully qualified
learn.microsoft.com
 
T

tony95

Contributor
Joined
Jan 2, 2021
Messages
117
anodos said:
Typically windows clients will store zone identifier information. MacOS clients can store mac equivalent of that, finder color tags, preview images, etc, etc.

learn.microsoft.com

[MS-FSCC]: Zone.Identifier Stream Name

Windows Internet Explorer uses the stream name Zone.Identifier for storage of URL security zones. The fully qualified
learn.microsoft.com
Click to expand...
I just went to the windows share and removed all the read only flags. If it is not a problem with read only in general then it probably won't affect anyone. Like I said, I can copy read only files that were created on my PC without an issue. I guess we will see over time.
 
sretalla

sretalla

Powered by Neutrality
Moderator
Joined
Jan 1, 2016
Messages
9,703
tony95 said:
Not sure what you are asking then. Right click copy then right click paste? Drag drop from my hard drive to the SMB share on TrueNAS, same difference I believe?
Click to expand...
I see we probably got to the bottom of the issue here already, but for future reference, there are many ways to "copy" a file, one is via windows (the way or ways you were using), others are things like file sync apps, robocopy, rsync or other command line tools... which can make a big difference depending on which one you use and what settings you're using for them.
 
anodos

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
9,554
sretalla said:
I see we probably got to the bottom of the issue here already, but for future reference, there are many ways to "copy" a file, one is via windows (the way or ways you were using), others are things like file sync apps, robocopy, rsync or other command line tools... which can make a big difference depending on which one you use and what settings you're using for them.
Click to expand...
That's correct. As I mentioned above, it's very much about order of operations for this. For example, if the client creates the file, writes data, writes ADS, and then sets readonly it wouldn't be a problem. In this case what is actually required from an SMB server is basically not documented by MS, but we fixed our SMB server to do the same as Windows (just have to wait for update / new version or work around it).
 
winnielinnie

winnielinnie

MVP
Joined
Oct 22, 2019
Messages
3,641
In Windows PowerShell, you can use "Get-Item" to see if a file has an alternate data stream (anything other than $DATA):
Code:
Get-Item filename.txt -Stream *

If you see something like this:
PSChildName : filename.txt:Something.Whatever

Then you can view this alternate data stream's contents with "Get-Content" like so:
Code:
Get-Content filename.txt -Stream Something.Whatever

You might find such information to be pointless, thus giving you the peace of mind that you don't need to preserve it.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Can't copy read only files to TrueNAS"

Similar threads

Argudan
Lost permission to read my data
Replies
1
Views
403
Argudan
Argudan
W
TrueNAS 13.0U2 Authorization required to copy files from Windows filemanager to SMB
Replies
0
Views
1K
WildLucifero
W
A
New files getting everyone read permission on SMB Shares
Replies
0
Views
473
aigsyss
A
A
SMB shares to Windows 11 - can't save files from web or apps to shared drives
Replies
6
Views
1K
Andrew Ostrom
A
V
Can't make read-only user for SMB share
Replies
4
Views
693
jpmcgillivray005
jpmcgillivray005
Top