Maximilious
Dabbler
- Joined
- Jun 20, 2023
- Messages
- 15
Hi All,
I'm on the final leg of my migration to my TrueNAS server but I'm hitting a permissions issue I can't quite lick. I have several VM's running docker and podman containers that I've linked to NFS shares to my previous QNAP NAS for configuration mount points. I've migrated this volume to a new dataset and shared it out through NFS and SMB on my TrueNAS SCALE server as I did on my QNAP.
Everything seems happy. I can access from Windows and modify files, and I can see my permissions I applied to these folders carried over from my VM's as expected. I found after migrating my containers however that my Traefik proxy wasn't working correctly - It wasn't using the cert that should have pulled down normally from letsencrypt. Checking the acme.json file, the permissions looked okay, but when I tried to manually chmod 600 to it I got the "Operation not permitted" error. I then tried to run my script that automatically bundles my cert and key into a pem for other uses and it also bombed when trying to apply permissions via chmod.
Previously, these shares were mounted via NFS3 on my QNAP. It didn't play well with NFS4 for some reason (or perhaps my ignorance with NFS4 setup).
Checking the forums, I found a few posts about setting up the dataset permissions as Passthrough, which I believe I've done correctly, but I'm still getting this error. I've tried setting this share up as a brand new Dataset with the Share Type as SMB, copying the files over via CLI, removing the previous ACL on said data and creating just a single NFS share (without SMB share for Windows), setting the ACL Type/Mode as NFS/Passthrough, and set permissions for "Other" for RWX and am still getting the error.
Any help is appreciated here - I'm sure I could set this up more securely but permissions are not my strong suit with Linux. If I could restore just chmod rights to hopefully fix the permission issue I'm hitting would be enough to get me going for now. I'm in a bit of a crunch to get off this QNAP unit to finish my migration and remove it from my environment.
I'm open to learning how to set up the ACL properly, but I'm not sure how to link my VM's local "root" users to TrueNAS for NFS rights to match against the ACL properly.
Edit - After sleeping on it, I think what I'm dealing with is a root_squash situation which I would like to rectify, but for now how can I configure the share for no_root_squash for the time being? Still researching on my end as well.
I'm on the final leg of my migration to my TrueNAS server but I'm hitting a permissions issue I can't quite lick. I have several VM's running docker and podman containers that I've linked to NFS shares to my previous QNAP NAS for configuration mount points. I've migrated this volume to a new dataset and shared it out through NFS and SMB on my TrueNAS SCALE server as I did on my QNAP.
Everything seems happy. I can access from Windows and modify files, and I can see my permissions I applied to these folders carried over from my VM's as expected. I found after migrating my containers however that my Traefik proxy wasn't working correctly - It wasn't using the cert that should have pulled down normally from letsencrypt. Checking the acme.json file, the permissions looked okay, but when I tried to manually chmod 600 to it I got the "Operation not permitted" error. I then tried to run my script that automatically bundles my cert and key into a pem for other uses and it also bombed when trying to apply permissions via chmod.
Previously, these shares were mounted via NFS3 on my QNAP. It didn't play well with NFS4 for some reason (or perhaps my ignorance with NFS4 setup).
Checking the forums, I found a few posts about setting up the dataset permissions as Passthrough, which I believe I've done correctly, but I'm still getting this error. I've tried setting this share up as a brand new Dataset with the Share Type as SMB, copying the files over via CLI, removing the previous ACL on said data and creating just a single NFS share (without SMB share for Windows), setting the ACL Type/Mode as NFS/Passthrough, and set permissions for "Other" for RWX and am still getting the error.
Any help is appreciated here - I'm sure I could set this up more securely but permissions are not my strong suit with Linux. If I could restore just chmod rights to hopefully fix the permission issue I'm hitting would be enough to get me going for now. I'm in a bit of a crunch to get off this QNAP unit to finish my migration and remove it from my environment.
I'm open to learning how to set up the ACL properly, but I'm not sure how to link my VM's local "root" users to TrueNAS for NFS rights to match against the ACL properly.
Edit - After sleeping on it, I think what I'm dealing with is a root_squash situation which I would like to rectify, but for now how can I configure the share for no_root_squash for the time being? Still researching on my end as well.
Last edited:
