I can't write anymore on one of my ZFS dataset !

[Youri Andropov]

Hi,

I upgraded from 9.2.1.5 to 9.2.1.7 and it seems it broke something since I can't write anymore on my "media" dataset ("access denied"). I tried from a CIFS and a NFS share, nothing works.
My other dataset, "data", still works normally. I didn't change any permission. The volume is not full, and I didn't set any quota.

The only noticeable difference between both datasets is the ZFS option "share type". The read-only volume is an UNIX share type, and the working one is a Windows share type. It can't be changed.

Dataset permissions are set to owner nobody/guest, and I tried both permission types, UNIX and windows, it doesn't work.

What can I do ?

 

[anodos]

Permissions are actually a difficult thing to get right and are easy to break.
Give hardware details.
Post output of following commands enclosed in code brackets.
- zpool status
- zfs list
- relevant log messages from /var/log/messages
- relevant log messages from /var/log/samba4/log.smbd
- output of "ls -l" for dataset that is read-only
- output of "getfacl" for folder inside dataset that is read-only

What do you mean by "it can't be changed"?
Are you sharing the same dataset with both NFS and CIFS?
Have you tried recursively setting permissions through the volume manager on the dataset with Unix permissions?

 

[Youri Andropov]

What do you mean by "it can't be changed"?
Are you sharing the same dataset with both NFS and CIFS?
Have you tried recursively setting permissions through the volume manager on the dataset with Unix permissions?

The "share type" listbox (on FreeNAS http GUI) contains only one item, the actual setting. So it can't be changed.
I tried setting recursively permissions (unix and windows) with no effect.

Hardware : 8 GB RAM - Xeon E3-1220L - 5 seagate 3 TB disks on native SATA ports

Surprisingly, 'getfacl' seems to hang (I have to CTRL-C), whereas a 'find . -exec getfacl {} \;' works.

Note that I can't write on the whole dataset, and that everything was fine before the 9.2.1.7 update.

Code:

freenas# zpool status
  pool: MEDIATHEQUE
state: ONLINE
  scan: scrub repaired 0 in 4h44m with 0 errors on Fri Sep 19 06:44:43 2014
config:

  NAME  STATE  READ WRITE CKSUM
  MEDIATHEQUE  ONLINE  0  0  0
  raidz1-0  ONLINE  0  0  0
  ada0p2  ONLINE  0  0  0
  ada1p2  ONLINE  0  0  0
  gptid/062acf68-d14d-11e3-a5d9-002590722e5d  ONLINE  0  0  0
  gptid/307e846b-48a5-11e3-a2cd-002590722e5d  ONLINE  0  0  0
  ada4p2  ONLINE  0  0  0

errors: No known data errors

freenas# zfs list
NAME  USED  AVAIL  REFER  MOUNTPOINT
MEDIATHEQUE  9.02T  1.69T  332K  /mnt/MEDIATHEQUE
MEDIATHEQUE/.system  125M  1.69T  230K  /mnt/MEDIATHEQUE/.system
MEDIATHEQUE/.system/cores  21.1M  1.69T  21.1M  /mnt/MEDIATHEQUE/.system/cores
MEDIATHEQUE/.system/rrd  230K  1.69T  230K  /mnt/MEDIATHEQUE/.system/rrd
MEDIATHEQUE/.system/samba4  3.98M  1.69T  3.98M  /mnt/MEDIATHEQUE/.system/samba4
MEDIATHEQUE/.system/syslog  99.1M  1.69T  99.1M  /mnt/MEDIATHEQUE/.system/syslog
MEDIATHEQUE/donnees  1.91T  2.78T  1.91T  /mnt/MEDIATHEQUE/donnees
MEDIATHEQUE/jails  20.9G  1.69T  139M  /mnt/MEDIATHEQUE/jails
MEDIATHEQUE/jails/.warden-template-9.1-RELEASE-amd64-pluginjail  1015M  1.69T  4.89M  /mnt/MEDIATHEQUE/jails/.warden-template-9.1-RELEASE-amd64-pluginjail
MEDIATHEQUE/jails/.warden-template-pluginjail  1.29G  1.69T  1.29G  /mnt/MEDIATHEQUE/jails/.warden-template-pluginjail
MEDIATHEQUE/jails/plexmediaserver_1  18.5G  1.69T  19.8G  /mnt/MEDIATHEQUE/jails/plexmediaserver_1
MEDIATHEQUE/media  6T  2.70T  4.99T  /mnt/MEDIATHEQUE/media


[root@freenas ~]# tail -60 /var/log/messages
Sep 25 19:36:12 freenas root: /etc/rc: WARNING: failed precmd routine for vmware_guestd
Sep 25 19:36:12 freenas kernel: vboxdrv: fAsync=0 offMin=0x2b7 offMax=0xa7f
Sep 25 19:36:12 freenas ntpd[2666]: ntpd 4.2.4p5-a (1)
Sep 25 19:36:13 freenas kernel: ............+++
Sep 25 19:36:13 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: /sbin/sysctl -n 'kern.maxfilesperproc'
Sep 25 19:36:13 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: zfs list -H -o mountpoint,name
Sep 25 19:36:13 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: zfs list -H -o mountpoint
Sep 25 19:36:13 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: zfs list -H -o mountpoint
Sep 25 19:36:13 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: /usr/local/bin/pdbedit -d 0 -i smbpasswd:/tmp/tmpD3bcR8 -s /usr/local/etc/smb4.conf -e tdbsam:/var/etc/private/passdb.tdb
Sep 25 19:36:14 freenas generate_smb4_conf.py: [common.pipesubr:58] Popen()ing: /usr/local/bin/net groupmap list
Sep 25 19:36:14 freenas nmbd[2930]: [2014/09/25 19:36:14.761664,  0] ../lib/util/become_daemon.c:136(daemon_ready)
Sep 25 19:36:14 freenas winbindd[2936]: [2014/09/25 19:36:14.922963,  0] ../source3/winbindd/winbindd_cache.c:3196(initialize_winbindd_cache)
Sep 25 19:36:14 freenas winbindd[2936]:  initialize_winbindd_cache: clearing cache and re-creating with version number 2
Sep 25 19:36:14 freenas winbindd[2936]: [2014/09/25 19:36:14.995288,  0] ../lib/util/become_daemon.c:136(daemon_ready)
Sep 25 19:36:14 freenas smartd[2939]: Device: /dev/ada0, WARNING: A firmware update for this drive is available,
Sep 25 19:36:14 freenas smartd[2939]: see the following Seagate web pages:
Sep 25 19:36:14 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/207931en
Sep 25 19:36:14 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/223651en
Sep 25 19:36:15 freenas smbd[2933]: [2014/09/25 19:36:15.089135,  0] ../lib/util/become_daemon.c:136(daemon_ready)
Sep 25 19:36:15 freenas smbd[2933]:  STATUS=daemon 'smbd' finished starting up and ready to serve connectionswaiting for connections
Sep 25 19:36:15 freenas smbd[2933]: dnssd_clientstub ConnectToServer: connect()-> No of tries: 1
Sep 25 19:36:15 freenas smartd[2939]: Device: /dev/ada1, WARNING: A firmware update for this drive is available,
Sep 25 19:36:15 freenas smartd[2939]: see the following Seagate web pages:
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/207931en
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/223651en
Sep 25 19:36:15 freenas smartd[2939]: Device: /dev/ada2, WARNING: A firmware update for this drive may be available,
Sep 25 19:36:15 freenas smartd[2939]: see the following Seagate web pages:
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/207931en
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/223651en
Sep 25 19:36:15 freenas smartd[2939]: Device: /dev/ada3, WARNING: A firmware update for this drive may be available,
Sep 25 19:36:15 freenas smartd[2939]: see the following Seagate web pages:
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/207931en
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/223651en
Sep 25 19:36:15 freenas smartd[2939]: Device: /dev/ada4, WARNING: A firmware update for this drive is available,
Sep 25 19:36:15 freenas smartd[2939]: see the following Seagate web pages:
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/207931en
Sep 25 19:36:15 freenas smartd[2939]: http://knowledge.seagate.com/articles/en_US/FAQ/223651en
Sep 25 19:36:16 freenas smbd[2933]: dnssd_clientstub ConnectToServer: connect()-> No of tries: 2
Sep 25 19:36:17 freenas smbd[2933]: dnssd_clientstub ConnectToServer: connect()-> No of tries: 3
Sep 25 19:36:18 freenas smbd[2933]: dnssd_clientstub ConnectToServer: connect() failed Socket:32 Err:-1 Errno:2 No such file or directory
Sep 25 19:36:21 freenas ntpd[2667]: time reset -0.497784 s
Sep 25 19:36:29 freenas kernel: bridge0: Ethernet address: 02:7e:9d:d8:47:00
Sep 25 19:36:29 freenas kernel: em1: promiscuous mode enabled
Sep 25 19:36:29 freenas kernel: bridge0: link state changed to UP
Sep 25 19:36:29 freenas kernel: epair0a: Ethernet address: 02:f0:c0:00:08:0a
Sep 25 19:36:29 freenas kernel: epair0b: Ethernet address: 02:f0:c0:00:09:0b
Sep 25 19:36:29 freenas kernel: epair0a: link state changed to UP
Sep 25 19:36:29 freenas kernel: epair0b: link state changed to UP
Sep 25 19:36:29 freenas kernel: em1: link state changed to DOWN
Sep 25 19:36:29 freenas kernel: epair0a: promiscuous mode enabled
Sep 25 19:36:30 freenas rtsold[2109]: <rtsock_input_ifannounce> interface epair0b removed
Sep 25 19:36:30 freenas kernel: ng_ether_ifnet_arrival_event: can't re-name node epair0b
Sep 25 19:36:33 freenas kernel: em1: link state changed to UP
Sep 25 19:37:09 freenas dhclient: New IP Address (em1): 192.168.0.100
Sep 25 19:37:09 freenas dhclient: New Subnet Mask (em1): 255.255.255.0
Sep 25 19:37:09 freenas dhclient: New Broadcast Address (em1): 192.168.0.255
Sep 25 19:37:09 freenas dhclient: New Routers (em1): 192.168.0.1
Sep 25 19:38:26 freenas nmbd[2930]:  STATUS=daemon 'nmbd' finished starting up and ready to serve connectionsadded interface em1 ip=192.168.0.100 bcast=192.168.0.255 netmask=255.255.255.0
Sep 25 19:39:18 freenas winbindd[5609]:  STATUS=daemon 'winbindd' finished starting up and ready to serve connectionsidmap range not specified for domain FREENAS
Sep 25 19:39:57 freenas winbindd[2940]:  STATUS=daemon 'winbindd' finished starting up and ready to serve connectionssam_rids_to_names: possible deadlock - trying to lookup SID S-1-5-21-1211973709-2533736123-944133430

[root@freenas ~]# tail -60 /var/log/samba4/log.smbd
[2014/09/25 19:36:14,  2] ../source3/lib/dmallocmsg.c:78(register_dmalloc_msgs)
  Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
[2014/09/25 19:36:14.807831,  2] ../source3/param/loadparm.c:535(max_open_files)
  max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
[2014/09/25 19:36:14.807861,  2] ../source3/param/loadparm.c:543(max_open_files)
  rlimit_max: increasing rlimit_max (11095) to minimum Windows limit (16384)
[2014/09/25 19:36:14.808273,  1] ../source3/param/loadparm.c:3178(lp_do_parameter)
  WARNING: The "null passwords" option is deprecated
[2014/09/25 19:36:14.808481,  2] ../source3/param/loadparm.c:3581(do_section)
  Processing section "[donnees]"
[2014/09/25 19:36:14.809065,  2] ../source3/param/loadparm.c:3581(do_section)
  Processing section "[media]"
[2014/09/25 19:36:14.809763,  2] ../source3/lib/interface.c:341(add_interface)
  added interface em1 ip=192.168.0.100 bcast=192.168.0.255 netmask=255.255.255.0
[2014/09/25 19:36:14.919330,  1] ../source3/passdb/pdb_tdb.c:537(tdbsam_open)
  tdbsam_open: Converting version 0.0 database to version 4.0.
[2014/09/25 19:36:14.919417,  1] ../lib/dbwrap/dbwrap_local_open.c:184(dbwrap_local_open)
  WARNING: database '/var/etc/private/passdb.tdb.tmp' does not end in .[n]tdb: treating it as a TDB file!
[2014/09/25 19:36:14.919718,  1] ../source3/passdb/pdb_tdb.c:304(tdbsam_convert_backup)
  tdbsam_convert_backup: updated /var/etc/private/passdb.tdb file.
[2014/09/25 19:36:15.089135,  0] ../lib/util/become_daemon.c:136(daemon_ready)
  STATUS=daemon 'smbd' finished starting up and ready to serve connectionswaiting for connections
[2014/09/25 19:37:14.860618,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5605 -- ignoring
[2014/09/25 19:38:14.881038,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5606 -- ignoring
[2014/09/25 19:39:14.897356,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5607 -- ignoring
[2014/09/25 19:39:18.087035,  2] ../source3/param/loadparm.c:535(max_open_files)
  max_open_files: increasing sysctl_max (11095) to minimum Windows limit (16384)
[2014/09/25 19:39:18.087268,  2] ../source3/param/loadparm.c:543(max_open_files)
  rlimit_max: increasing rlimit_max (11090) to minimum Windows limit (16384)
[2014/09/25 19:39:18.088782,  1] ../source3/param/loadparm.c:3178(lp_do_parameter)
  WARNING: The "null passwords" option is deprecated
[2014/09/25 19:39:18.089568,  2] ../source3/param/loadparm.c:3581(do_section)
  Processing section "[donnees]"
[2014/09/25 19:39:18.091349,  2] ../source3/param/loadparm.c:3581(do_section)
  Processing section "[media]"
[2014/09/25 19:39:18.093403,  2] ../source3/auth/auth.c:288(auth_check_ntlm_password)
  check_ntlm_password:  Authentication for user [FG] -> [FG] FAILED with error NT_STATUS_NO_SUCH_USER
[2014/09/25 19:39:18.107178,  2] ../lib/util/modules.c:191(do_smb_load_module)
  Module 'aio_pthread' loaded
[2014/09/25 19:39:18.110798,  2] ../lib/util/modules.c:191(do_smb_load_module)
  Module 'streams_xattr' loaded
[2014/09/25 19:39:18.117046,  2] ../lib/util/modules.c:191(do_smb_load_module)
  Module 'zfsacl' loaded
[2014/09/25 19:39:18.118519,  2] ../source3/smbd/service.c:856(make_connection_snum)
  fred (ipv4:192.168.0.20:56240) connect to service media initially as user nobody (uid=65534, gid=65534) (pid 5608)
[2014/09/25 19:39:20.045019,  2] ../source3/smbd/service.c:856(make_connection_snum)
  fred (ipv4:192.168.0.20:56240) connect to service donnees initially as user nobody (uid=65534, gid=65534) (pid 5608)
[2014/09/25 19:40:14.896822,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5629 -- ignoring
[2014/09/25 19:41:14.918649,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5632 -- ignoring
[2014/09/25 19:42:14.923461,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5645 -- ignoring
[2014/09/25 19:43:14.927730,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5651 -- ignoring
[2014/09/25 19:44:14.948672,  2] ../source3/smbd/server.c:437(remove_child_pid)
  Could not find child 5658 -- ignoring


[root@freenas /mnt/MEDIATHEQUE/media/DESSINS ANIMES]# getfacl Divers/
# file: Divers/
# owner: nobody
# group: guest
  owner@:rwxpDdaARWcCos:fd----:allow
  group@:rwxpDdaARWcCos:fd----:allow
  everyone@:r-x---a-R-c---:fd----:allow

[root@freenas /mnt/MEDIATHEQUE/media/DESSINS ANIMES/Divers]# ls -l
total 72426758
-rwxrwxr-x+ 1 nobody  guest  1240047277 Jan 17  2014 1001 pattes (1998).mkv
-rwxrwxr-x+ 1 nobody  guest  2207202411 Sep 21  2013 Akira (1988).mkv
drwxrwxr-x+ 2 nobody  guest  10 Oct 16  2013 Ast??rix
-rwxrwxr-x+ 1 nobody  guest  1307479587 Jan 17  2014 Blanche-Neige et les 7 nains (1937).mkv
-rwxrwxr-x+ 1 nobody  guest  1099127897 Sep 17  2012 Brave story (2006).mkv
-rwxrwxr-x+ 1 nobody  guest  5009932502 Feb 16  2014 Cars (2006).mkv
-rwxrwxr-x+ 1 nobody  guest  4607432176 Aug 17  2012 Colorful (2010).mkv
-rwxrwxr-x+ 1 nobody  guest  823741819 Nov 27  2012 Ghost in the shell (1995).mkv
-rwxrwxr-x+ 1 nobody  guest  1086826578 Jan 17  2014 Kiki la petite sorci??re (1989).mkv
-rwxrwxr-x+ 1 nobody  guest  1330130072 Jan 17  2014 L'??ge de glace 2 (2005).mkv
-rwxrwxr-x+ 1 nobody  guest  1745227936 Oct 16  2013 La Belladone de la tristesse (1973).mkv
-rwxrwxr-x+ 1 nobody  guest  4024471500 Aug  5  2012 La colline aux coquelicots (2011).mkv
-rwxrwxr-x+ 1 nobody  guest  5274777417 Feb 16  2014 La princesse et la grenouille (2009).mkv
-rwxrwxr-x+ 1 nobody  guest  853579985 Nov 14  2012 La travers??e du temps (2006).mkv
-rwxrwxr-x+ 1 nobody  guest  4037402240 Jun  8 07:58 Le ch??teau dans le ciel (1986).mkv
-rwxrwxr-x+ 1 nobody  guest  1496568245 Oct 21  2012 Le roi et l'oiseau (1979).mkv
-rwxrwxr-x+ 1 nobody  guest  3821298156 Feb 16  2014 Le roi lion 2 - l'honneur de la tribu (1998).mkv
-rwxrwxr-x+ 1 nobody  guest  1243910712 Jul 10  2012 Le voyage de Chihiro (2001).m4v
-rwxrwxr-x+ 1 nobody  guest  1166159872 Jul  4  2008 Le_chateau_ambulant.avi
-rwxrwxr-x+ 1 nobody  guest  4685473126 Feb 15  2014 Les aristochats (1970).mkv
-rwxrwxr-x+ 1 nobody  guest  1226846433 Jan 17  2014 Les aventures de Bernard et Bianca (1977).mkv
-rwxrwxr-x+ 1 nobody  guest  1331337900 Oct 23  2013 Les ma??tres du temps (1981).mkv
-rwxrwxr-x+ 1 nobody  guest  975947880 Mar 22  2013 Les triplettes de Belleville (2002).mkv
-rwxrwxr-x+ 1 nobody  guest  593255176 Aug 31 03:49 Mon voisin Totoro (1988).mkv
-rwxrwxr-x+ 1 nobody  guest  1052156879 Sep 17  2012 Omoide Poroporo (1991).mkv
-rwxrwxr-x+ 1 nobody  guest  894182959 Sep 17  2012 Origine (2006).mkv
-rwxrwxr-x+ 1 nobody  guest  2834529735 Mar  8  2012 Persepolis (2007).m4v
-rwxrwxr-x+ 1 nobody  guest  1616068445 Sep 17  2012 Pompoko (1994).mkv
-rwxrwxr-x+ 1 nobody  guest  3256514683 Feb 22  2012 Ponyo sur la falaise (2008).m4v
-rwxrwxr-x+ 1 nobody  guest  1756516220 Jul 10  2012 Princesse Mononoke (1997).m4v
-rwxrwxr-x+ 1 nobody  guest  1028911104 Feb 15  2014 Rebelle (2012).mkv
-rwxrwxr-x+ 1 nobody  guest  1168401274 Jan 17  2014 Robots (2005).mkv
-rwxrwxr-x+ 1 nobody  guest  3485826354 Jun  6  2013 Roi des ronces (2009).mkv
-rwxrwxr-x+ 1 nobody  guest  952996508 Jan 17  2014 Scooby-Doo la l??gende du phantosaure (2011).mkv
-rwxrwxr-x+ 1 nobody  guest  1263794962 Nov 14  2012 Summer wars (2009).mkv
-rwxrwxr-x+ 1 nobody  guest  2209487088 Jun 21 11:28 The garden of words (2012).mkv
-rwxrwxr-x+ 1 nobody  guest  13312 Aug 31 04:28 Thumbs.db
-rwxrwxr-x+ 1 nobody  guest  316575975 Feb 16  2014 Wallace et Gromit E01 Une grande excursion.mkv
-rwxrwxr-x+ 1 nobody  guest  435350395 Feb 16  2014 Wallace et Gromit E02 Un mauvais pantalon.mkv
-rwxrwxr-x+ 1 nobody  guest  390625692 Feb 16  2014 Wallace et Gromit E03 Ras?? de pr??s.mkv
-rwxrwxr-x+ 1 nobody  guest  303670909 Feb 16  2014 Wallace et Gromit E04 Un sacr?? p??trin !.mkv

 

[anodos]

Okay, assuming you only use CIFS on this dataset do the following:

1) Create a user (preferably the same username and password as what you use to log in the Windows box), and a group.
2) Through the volume manager, recursively set the ownership of the dataset to the user and group created in (1), set ACLtype to windows.
3) If NFS is enabled for this dataset, disable it.
4) Create a CIFS share pointing to the dataset. Then check the box "apply default permissions". Click "OK". This operation may take a long time to run.
5) Once (4) is complete use windows explorer to configure permissions by navigating to \\[ipaddress or hostname] and right-clicking your share. Click "properties", then "security". Set permissions as needed.

 

[Youri Andropov]

It works. Thank you.