I am trying to figure out why neither of my Apps will run any longer unless I do not have host path checking on. One thing I am seeing is a that one of my pools shows an SMB share symbol whilst the other one does not. Other than that I cannot see what the issue is with this setup. I have just two apps Emby and SyncThing. Emby has three host paths to the individual items under the media file. SyncThing has just the host path to the direct item itself. On top of that each has a config path configured. What am I doing wrong that my apps won't start unless I disable host path checking?
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum has become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Host path checking failures
- Thread starter tre4B
- Start date
Digging in and the above is the after picture. The before had an SMB share on media. When I look this up all I find is others having similar issues. Can anyone point me to information about what is and is not allowed? It appears to not allow a host path mount to a dataset whose parent has an SMB share. Is this correct?
Just quoting from the truecharts homepage:
Host Path Validation Safety
Starting with SCALE Bluefin (22.12), there's a new safety check on apps called Host Path Safety Checks located in your SCALE installation's Apps Advanced Settings (the same place as your k3s network, GPU, and other settings). This check is intended to ensure datasets used by your apps (e.g. media datasets) are not in use by a network share (e.g. SMB, NFS, CIFS). We require this for security (Protect the system from container escape vulnerabilities using hostPath) and reliability (Prevent multiple services (shares for example) from using the same dataset.) reasons. You can disable these checks, but it may lead to issues with your Apps depending on your permissions configuration.Now I am confused. I am trying to setup SyncThing. I have setup a DataSet called SyncThing. I have set the Host path to this
The only way it is of any use is if I can access the data that SyncThing is putting into the data set. I have therefore created a second dataset SyncData which is a child of SyncThing assuming that I could make that an SMB share, however TrueNas won't allow that either. So now I am confused if you put a host path on a dataset within an SMB share it fails and when you put an SMB share within a hostpath it fails.
How do I access the data that is syncd if I cannot have any SMB share to do so and I do not ignore the hostpath checking?
The only way it is of any use is if I can access the data that SyncThing is putting into the data set. I have therefore created a second dataset SyncData which is a child of SyncThing assuming that I could make that an SMB share, however TrueNas won't allow that either. So now I am confused if you put a host path on a dataset within an SMB share it fails and when you put an SMB share within a hostpath it fails.
How do I access the data that is syncd if I cannot have any SMB share to do so and I do not ignore the hostpath checking?
The hostpath validation also applies to child datasets.
Are you using the official app or the truecharts one?
With the truecharts one you can migrate from hostpath to nfs shares.
This way your app uses nfs and you can use smb to access the Dataset you created.
Sadly that's not possible with the official app.
Are you using the official app or the truecharts one?
With the truecharts one you can migrate from hostpath to nfs shares.
This way your app uses nfs and you can use smb to access the Dataset you created.
Sadly that's not possible with the official app.