Group membership ignored over NFS

enry

enry

Dabbler
Joined
Apr 10, 2016
Messages
21
tl;dr: I can only write in directories I own, even if I'm a member of the group owner and have 2775 on the directory

Background:

I have a TrueNAS Core system with disks that are starting to get checksum errors. I built a brand new TrueNAS SCALE box and replicated over, broke replication, disabled read-only, and exported via NFS.

For directories that I own I have normal full control. But if I don't own the directory I can't do any operations on it (delete, create, etc.). If I use newgrp so my primary group is the same as the directory, I can write in it.

More background: I'm exporting nfsv4 but using nfsv3 ownership. When it was on the Core box it was being exported via both NFS and CIFS. I can't see that any ACLs are being applied so I'm really at a loss at what's going on here.
 
mroptman

mroptman

Dabbler
Joined
Dec 2, 2019
Messages
23
Have your tried:
  1. Replicate snapshot to Scale from Core
  2. Clone replicated snapshot to new datasets
  3. Promote clone to standalone dataset
  4. Recursively set permissions as desired
    1. Sometimes I miss the "apply user/group" and "Apply permissions recursively" checkboxes
  5. Configure shares against the fresh dataset (CIFS/NFS)
  6. (Optionally) Remove replicated snapshots once new dataset is operational
I also was unaware that mixing NFS and CIFS shares against the same dataset was even supported. Never tried that before. Perhaps you could try 1:1 dataset per share protocol and see if that works rather than 1 dataset with 2 shares against it.
 
enry

enry

Dabbler
Joined
Apr 10, 2016
Messages
21
mroptman said:
Have your tried:
  1. Replicate snapshot to Scale from Core
  2. Clone replicated snapshot to new datasets
  3. Promote clone to standalone dataset
  4. Recursively set permissions as desired
    1. Sometimes I miss the "apply user/group" and "Apply permissions recursively" checkboxes
  5. Configure shares against the fresh dataset (CIFS/NFS)
  6. (Optionally) Remove replicated snapshots once new dataset is operational
I also was unaware that mixing NFS and CIFS shares against the same dataset was even supported. Never tried that before. Perhaps you could try 1:1 dataset per share protocol and see if that works rather than 1 dataset with 2 shares against it.
Click to expand...

1) No, these are pretty big shares. I can try on a subset of it though.
2) No
3) ..is there anything I have to do other than stop the replication and disable read-only?
4) did that, no change
5) did that too

There might be some wacky AD thing going on too. I'm going to keep looking.
 
enry

enry

Dabbler
Joined
Apr 10, 2016
Messages
21
Ugh!

I think I misunderstood what "NFSv3 ownership model for NFSv4" meant. Turned that off and all seems well.
 
You must log in or register to reply here.

Important Announcement for the TrueNAS Community.

The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums.

Related topics on forums.truenas.com for thread: "Group membership ignored over NFS"

Similar threads

J
Explanation of NFSV4 ACL group@ in relation to active directory groups
Replies
2
Views
2K
j.lanham
J
K
Anyway to bypass lack of "Allow non-root mount" in NFS Share for Kodi.
Replies
0
Views
3K
Kosygor
K
M
having issue with nfs share
Replies
0
Views
2K
mmclarty
M
J
NFS permissions for clients and jellyfin
Replies
0
Views
3K
jojen_green
J
anodos
ACL support for SCALE NFS server coming soon :)
Replies
1
Views
2K
anodos
anodos
Top