Permissions now 000 and I can’t access my data anymore

[garwhi]

i3-4150, 16gb ram, 4 x 3 TiB WD red cmr drives, gigabit network
Oh boy do I need help. My setup was working fine until recently. Now I can’t access my data. Looked into the shell and to my amazement all my folders are set to chmod 000, all hyphens. Same for all my data files. Tried to chmod everything to 640, actually I’d be happy with anything but 000. I have no idea how my permissions got unset. But the shell will not allow me to do a chmod. How can this disaster be fixed, or maybe I should ask can it be fixed?

 

[Samuel Tai]

Start with /mnt/<name of your pool>. ls -ld <name of your pool> in the shell. If this is 000, see if you can chown root:wheel <name of your pool> and chmod 755 <name of your pool>. If that works, then start going down the directory tree from there, and doing the same.

 

[garwhi]

My pool is drwxr-xr-x. My dataset under that shows drwxrwx-wx+. But all my subdirectories under my dataset are d---------+ and all my files under all of my folders are ---------+. Even though i'm root, root won't let me do a chmod. I tried on one of my folders, Zip, chmod 755 Zip, and i get Operation not permitted. Do you know why i can't do chmod? It seems to me that if i could do that then i could fix my problem.

 

[Samuel Tai]

This looks like an ACL apply gone wrong. This may be ugly to fix. First, setfacl -b /mnt/garpool/windowsdataset to remove the ACL from the top level. The permissions are too far gone to let you apply this recursively. Run setfacl -b * at each level (don't forget the .dot files), which should then allow you to run the chown and chmod.

 

[garwhi]

I see what you mean about it being ugly. I've successfully removed the ACL from the couple of folders i've tried so far. So, thanks. Great advice. I might want to hit you up for the chown and chmod part of the fix after i've fixed all the ACLs on all my folders (and, all my files). So glad it's fixable. Thanks again.

 

[garwhi]

Tried setfacl -b * and it removed the ACL from all my folders. Now to do the files. Making good progress here.

 

[Samuel Tai]

Tried setfacl -b * and it removed the ACL from all my folders. Now to do the files. Making good progress here.

OK, once you've cleared the ACL at each level, you want to run chown root:wheel * (this should already be the case, but this will make sure). Also, for each of the folders, run chmod 755 <name of folder>, which will set the execute bit to allow you to traverse into the folder. For files, run chmod 644 <name of file>. Rinse, repeat at each level.

 

[anodos]

This looks like an ACL apply gone wrong. This may be ugly to fix. First, setfacl -b /mnt/garpool/windowsdataset to remove the ACL from the top level. The permissions are too far gone to let you apply this recursively. Run setfacl -b * at each level (don't forget the .dot files), which should then allow you to run the chown and chmod.

000 doesn't necessarily mean that it went wrong. + next to file name means that actual permissions can't be expressed as a POSIX mode without losing information (i.e. mode isn't a reliable guide). Most likely reason for 000 mode is that user removed owner@, group@, and everyone@ entries from ACL manager, but left other entries.

 

[garwhi]

OK, i've done all that. I still can't see the data from Windows or from Linux. I'm guessing i need to add an ACL but this time do it properly. Can you help me with that? Sorry for my noobness.

 

[Samuel Tai]

How do you have this share defined under Sharing->Windows shares?

 

[garwhi]

I have nothing there now. Just windowsdataset and 1-1 of 1 underneath it. ACLs confuse me. Do i need a fourth ACL under my Pool? It seems like, since i'm the owner, that owner@ should be enough. I had created a fourth ACL initially when it was working correctly and i called it User, then Gary, but i was very confused about how to answer the other question: Permission Type, Permissions, Flags Type, etc. I'm thinking that i need to add that fourth ACL but not at all sure.

 

[Samuel Tai]

Please screen shot your share config for windowsdataset and the other share.

Note, owner with respect to ACLs and permissions refers to the first 3 bits of the permissions field: the Unix account owning the file. Group refers to the next 3 bits: the Unix group. The final 3 bits refer to everyone else.

In your case, your Gary account is NOT the owner, but root is. With respect to windowsdataset, your Gary account is lumped in with everyone else. This is why I need to know your intent, so we may have to adjust the ownership and group ownership of the dataset.

 

[garwhi]

Please screen shot your share config for windowsdataset and the other share.

Note, owner with respect to ACLs and permissions refers to the first 3 bits of the permissions field: the Unix account owning the file. Group refers to the next 3 bits: the Unix group. The final 3 bits refer to everyone else.

In your case, your Gary account is NOT the owner, but root is. With respect to windowsdataset, your Gary account is lumped in with everyone else. This is why I need to know your intent, so we may have to adjust the ownership and group ownership of the dataset.

 

[Samuel Tai]

Actually, I need a screen shot of the edit pane for this share, and also how you attach to the share from Linux and Windows.

 

[garwhi]

Thanks for the permissions explanation. As to my intentions, very simple. I just want a central location for all of my data that's accessible from my Windows 10 box, my Ubuntu box, my two iPads, and my smartphone. I'm the only user. With that arrangement my backups could be on either of my main boxes, or both. Thanks for your patience with me. I admit i find FreeNAS very confusing. I feel like i'm in waay over my head. I really appreciate all of your help.

 

[garwhi]

Actually, I need a screen shot of the edit pane for this share, and also how you attach to the share from Linux and Windows.

 

[Samuel Tai]

In that case, I recommend you set up your ACL like so:

 

[garwhi]

OK. I've done that. Still can't see it from my Windows box clicking on FREENAS under Computer under Windows File Explorer. I had this same problem when i first set it up a few months ago but googled the problem and went somewhere to fix permissions. But, unfortunately i don't remember where i went or what info i got from them to fix my problem. I spoke too soon. I just checked my Ubuntu box and i'm in! So glad to see my data again. So now if we can just fix my Windows 10 access problem.

 

[Samuel Tai]

Try disconnecting and reconnecting the share in Windows. You may also need to restart the SMB service.

 

[garwhi]

I tried stopping and starting SMB but no joy. I like Total Commander as my Windows file utility. When i go to disconnect network drives it ask me pick a drive, but the list is empty. I wonder if simply doing a warm or cold boot would fix the problem.