Solved Directory owner can not access directory

pming

Member

Reaction score: 5
Messages: 30

So the last few days I had lots of trouble trying to set up my host as a domain member with samba4, eventually I gave up and tried to run it as a standalone server. But even then, I would get "Permission denied" or "Access denied" both on my MacBook and Windows 10 PC.

I have set up a ZFS storage pool for all my files that I want to share.
I created the Unix user "pmi" and the group "sharing", which "pmi" is a member of.

Here's my directory structure for file shares:
"pudge" is the storage pool, it consists of separate hard drives and SSDs for L2ARC and ZIL.
"share" is the "root dataset" for all my datasets that I want to share via samba.
Code:
root@zfstored:/pudge/share # ls -al
total 21
drwxrwxr-x  8 root  sharing    8 Aug 21 17:24 .
drwxrwx---  3 root  wheel    3 Aug 21 17:09 ..
drwxrwx---  2 root  sharing  2 Aug 21 17:24 backup
drwxrwx---  2 root  sharing  2 Aug 21 17:24 homes
drwxrwx---  2 pmi   pmi      2 Aug 21 17:24 info
drwxrwx---  2 root  sharing  2 Aug 21 17:24 music
drwxrwx---  2 root  sharing  2 Aug 21 17:24 software
drwxrwx---  2 root  sharing  2 Aug 21 17:24 video
For testing purposes, I did the following:
Code:
root@zfstored:/pudge/share # chown -R pmi:pmi /pudge/share/info
root@zfstored:/pudge/share # su pmi
$ ls -al /pudge/share/info
ls: /pudge/share/info: Permission denied
$ cd /pudge/share/info
cd: /pudge/share/info: Permission denied
All the datasets were created equally:
Code:
root@zfstored:/ # zfs create -o mountpoint=/pudge/share/info pudge/share/info
Code:
root@zfstored:/ # zfs get all pudge/share/info
NAME              PROPERTY              VALUE                  SOURCE
pudge/share/info  type                  filesystem             -
pudge/share/info  creation              Sun Aug 21 17:24 2016  -
pudge/share/info  used                  205K                   -
pudge/share/info  available             9.99T                  -
pudge/share/info  referenced            205K                   -
pudge/share/info  compressratio         1.00x                  -
pudge/share/info  mounted               yes                    -
pudge/share/info  quota                 none                   default
pudge/share/info  reservation           none                   default
pudge/share/info  recordsize            128K                   default
pudge/share/info  mountpoint            /pudge/share/info      local
pudge/share/info  sharenfs              off                    default
pudge/share/info  checksum              on                     default
pudge/share/info  compression           lz4                    inherited from pudge
pudge/share/info  atime                 on                     default
pudge/share/info  devices               on                     default
pudge/share/info  exec                  on                     default
pudge/share/info  setuid                on                     default
pudge/share/info  readonly              off                    default
pudge/share/info  jailed                off                    default
pudge/share/info  snapdir               hidden                 default
pudge/share/info  aclmode               discard                default
pudge/share/info  aclinherit            restricted             default
pudge/share/info  canmount              on                     default
pudge/share/info  xattr                 off                    temporary
pudge/share/info  copies                1                      default
pudge/share/info  version               5                      -
pudge/share/info  utf8only              off                    -
pudge/share/info  normalization         none                   -
pudge/share/info  casesensitivity       sensitive              -
pudge/share/info  vscan                 off                    default
pudge/share/info  nbmand                off                    default
pudge/share/info  sharesmb              off                    default
pudge/share/info  refquota              none                   default
pudge/share/info  refreservation        none                   default
pudge/share/info  primarycache          all                    default
pudge/share/info  secondarycache        all                    default
pudge/share/info  usedbysnapshots       0                      -
pudge/share/info  usedbydataset         205K                   -
pudge/share/info  usedbychildren        0                      -
pudge/share/info  usedbyrefreservation  0                      -
pudge/share/info  logbias               latency                default
pudge/share/info  dedup                 off                    default
pudge/share/info  mlslabel                                     -
pudge/share/info  sync                  standard               default
pudge/share/info  refcompressratio      1.00x                  -
pudge/share/info  written               205K                   -
pudge/share/info  logicalused           9.50K                  -
pudge/share/info  logicalreferenced     9.50K                  -
pudge/share/info  volmode               default                default
pudge/share/info  filesystem_limit      none                   default
pudge/share/info  snapshot_limit        none                   default
pudge/share/info  filesystem_count      none                   default
pudge/share/info  snapshot_count        none                   default
pudge/share/info  redundant_metadata    all                    default
root@zfstored:/pudge #
Code:
root@zfstored:/ # zpool status -v
  pool: pudge
state: ONLINE
  scan: none requested
config:

          NAME        STATE     READ WRITE CKSUM
          pudge       ONLINE       0     0     0
           raidz2-0  ONLINE       0     0     0
             da0p1   ONLINE       0     0     0
             da1p1   ONLINE       0     0     0
             da2p1   ONLINE       0     0     0
             da3p1   ONLINE       0     0     0
             da4p1   ONLINE       0     0     0
             da5p1   ONLINE       0     0     0
             da6p1   ONLINE       0     0     0
             da7p1   ONLINE       0     0     0
          logs
           mirror-1  ONLINE       0     0     0
             nvd0    ONLINE       0     0     0
             nvd1    ONLINE       0     0     0
          cache
           nvd2      ONLINE       0     0     0

errors: No known data errors

  pool: zroot
state: ONLINE
  scan: none requested
config:

          NAME        STATE     READ WRITE CKSUM
          zroot       ONLINE       0     0     0
           mirror-0  ONLINE       0     0     0
             ada0p3  ONLINE       0     0     0
             ada1p3  ONLINE       0     0     0
What is going on? Am I crazy? What am I missing?
 

Snurg

Aspiring Daemon

Reaction score: 332
Messages: 793

Is user "pmi" in the group "wheel"?
Because, I ask myself whether the permissions of the directory "/pudge" (770) can allow "others" access to its subdirectories.
 
OP
OP
pming

pming

Member

Reaction score: 5
Messages: 30

Is user "pmi" in the group "wheel"?
Because, I ask myself whether the permissions of the directory "/pudge" (770) can allow "others" access to its subdirectories.
Thanks so much for this.
They're teaching us a lot in IT school but not how Unix permissions (any Unix things at all, really) work.

Frankly, I should just admit that I'm still a bit of a newbie.
I changed to permissions on /pudge/share to 775, changed the group of the underlying datasets to "sharing" with permissions of 770 and everything works as expected.

At least some veterans here will have a good laugh I guess.
 

forquare

Well-Known Member

Reaction score: 123
Messages: 271

I changed to permissions on /pudge/share to 775, changed the group of the underlying datasets to "sharing" with permissions of 770 and everything works as expected.
As an extra, /pudge could have the permissions 771, since the pmi user only needs execution rights to cd into a directory. They only need read permissions if you want the pmi user to be able to do an ls in the /pudge directory :)
 
Top