I ran also into a
chdir_current_service: vfs_ChDir(/mnt/.....) failed: Permission denied problem.
Here are the infos / facts to my setup:
- TrueNAS-12.0-U8.1
- (modern zfs) encrypted dataset on a HDD pool (/mnt/pool1-HDD/backup/backupserver/monitor)
- backup is also a dataset with different owern
- backupserver is a child dataset of backup with different owern
- monitor is a child dataset of backupserver with the user backup-checkmk as owner
- all levels of datasets has ACL active
- user used to access the samba share is owner (backup-checkmk | uid=1004, gid=1004) of the dataset and all files into it
- dataset ist shared via samba service (share name: backup-monitor)
TrueNAS:
Pool Status:
Code:
root@truenas[~]# zpool status -v pool1-HDD
pool: pool1-HDD
state: ONLINE
config:
NAME STATE READ WRITE CKSUM
pool1-HDD ONLINE 0 0 0
raidz1-0 ONLINE 0 0 0
gptid/140d3d30-b98b-11ec-ab62-901b0e2c4a8e ONLINE 0 0 0
gptid/141a10a1-b98b-11ec-ab62-901b0e2c4a8e ONLINE 0 0 0
gptid/1429f218-b98b-11ec-ab62-901b0e2c4a8e ONLINE 0 0 0
errors: No known data errors
Samba Share:
Code:
root@truenas[~]# sharesec --view-all
[backup-monitor]
REVISION:1
CONTROL:SR|DP
OWNER:
GROUP:
ACL:S-1-1-0:ALLOWED/0x0/FULL
Shell via of the dataset:
Code:
root@truenas[~]# ls -lah /mnt/pool1-HDD/backup/backupserver/monitor
total 33
drwxrwx---+ 3 backup-checkmk backup-checkmk 3B Apr 13 17:04 .
drwxrwx---+ 7 wolfgang wolfgang 7B Apr 14 20:34 ..
drwxrwx---+ 2 backup-checkmk backup-checkmk 4B Apr 13 16:27 Check_MK-monitor-location-cmkadmin
ACL for the dataset which is the file base for the samba share i want to mount on the ubuntu machine.
Code:
root@truenas[~]# getfacl /mnt/pool1-HDD/backup/backupserver/monitor
# file: /mnt/pool1-HDD/backup/backupserver/monitor
# owner: backup-checkmk
# group: backup-checkmk
group:wolfgang:rwxpDdaARWcCos:fd-----:allow
owner@:rwxpDdaARWcCos:fd-----:allow
group@:rwxpDdaARWcCos:fd-----:allow
everyone@:--------------:fd-----:allow
Errors found in
/var/log/samba4/log.smbd
Code:
[2022/04/14 20:32:08.337782, 2] ../../source3/auth/auth.c:329(auth_check_ntlm_password) check_ntlm_password: authentication for user [backup-checkmk] -> [backup-checkmk] -> [backup-checkmk] succeeded
[2022/04/14 20:32:08.344039, 2] ../../source3/param/loadparm.c:2872(lp_do_section) Processing section "[backup-monitor]"
[2022/04/14 20:32:08.358839, 2] ../../source3/smbd/service.c:863(make_connection_snum) (ipv4:10.0.0.12:54646) connect to service backup-monitor initially as user backup-checkmk (uid=1004, gid=1004) (pid 4202)
[2022/04/14 20:32:08.359150, 0] ../../source3/smbd/service.c:169(chdir_current_service) chdir_current_service: vfs_ChDir(/mnt/pool1-HDD/backup/backupserver/monitor) failed: Permission denied. Current token: uid=1004, gid=1004, 5 groups: 545 1004 90000133 90000134 90000136
[2022/04/14 20:32:08.359730, 2] ../../source3/smbd/service.c:1138(close_cnum) (ipv4:10.0.0.12:54646) closed connection to service backup-monitor
- auth_check_ntlm_password) check_ntlm_password: authentication for user [backup-checkmk] -> [backup-checkmk] -> [backup-checkmk] succeeded -> seams the password ist correct!!
- vfs_ChDir(/mnt/pool1-HDD/backup/backupserver/monitor) failed: Permission denied.-> why??
ubuntu server:
Code:
apt-get install cifs-utils
Mount via terminal is not working, resulting in the smbd error shown above.
Code:
root@monitor:/mnt/backup# mount.cifs -o username=backup-checkmk,password=******* //10.0.0.10/backup-test /mnt/backup-checkmk --verbose
mount.cifs kernel mount options: ip=10.0.0.10,unc=\\10.0.0.10\backup-monitor,user=backup-checkmk,pass=********
mount error(5): Input/output error
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
Mount via
/etc/fstab and
mount -a is also not working.
Code:
//10.0.0.10/backup-monitor /mnt/backup cifs rw,uid=999,gid=1001,username=backup-checkmk,password=****,vers=3.0 0 0
Code:
root@monitor:/mnt# mount -a
mount error(5): Input/output error
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
dmesg output:
Code:
kern :err : [Thu Apr 14 21:56:30 2022] CIFS VFS: validate protocol negotiate failed: -13
kern :err : [Thu Apr 14 21:56:30 2022] CIFS VFS: cifs_mount failed w/return code = -5
When I try a wrong password, i'm getting a different error:
Code:
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
dmesg:
Code:
kern :notice: [Thu Apr 14 22:01:37 2022] Status code returned 0xc000006d STATUS_LOGON_FAILURE
kern :err : [Thu Apr 14 22:01:37 2022] CIFS VFS: Send error in SessSetup = -13
kern :err : [Thu Apr 14 22:01:37 2022] CIFS VFS: cifs_mount failed w/return code = -13
A test from a different linux client is working.
Code:
rpcclient -U backup-checkmk -c netshareenum 10.0.0.10
netname: backup-monitor
remark: SMB Share for data backup
path: C:\mnt\pool1-HDD\backup\backupserver\monitor
password:
Also tried a lot of different mount options (sec=ntlm, vers=3.0 etc)
Anyone any ideas??