I'm new to Proxmox, so be gentle 
I've setup a Proxmox server (single) and intend to use it for several things. One of those things is having my files from a ZFS pool shared over the network with SMB/Samba. Using the LXC SambaShares. And having several other LXC have read/write access to the Bigdata ZFS pool as well.
The ZFS pool has several datasets on them. The ZFS pool was migrated from a Truenas Scale server. Import on Proxmox went smooth, Proxmox immediately recognised the pools and imported them.
I've set the acltype to off on all datasets and the pool:
Aclmode:
I've created a unprivileged LXC (debian 12) named "SambaShares" and mounted the bigdata pool in it.
Created a user "c3po" on the LXC, UID within LXC is 1000.
Created a user on Proxmox "r2d2", UID is 1002.
Made r2d2 owner of all the files and folders in the Bigdata ZFS pool. Permissions set to 666 on all files and folders in Bigdata.
Did a lxc.idmap to map c3po to r2d2 in the LXC. LXC config:
But when I login to SambaShares with c3po I cannot view the files on the ZFS pool. I can see the datasets in Bigdata but no files or folder in those datasets.
Screwing arround with creating new data sets and moving files there, I can make it work somewhat. Root and c3po of the LXC can see files in the new dataset.
But this did not sit me right for severals reasons: I would take ages to move evering thing ovev, MV command keeps permissions so I tried CP, but I have not enough room to duplicate everything and doing in phases takes a very long time. And second, I just want to understand why this is happening and fixing it.
So I've using `setfacl -bR /bigdata` to clear all ACLs. Setting permission on all the folder, even tried 777. But without success. I even managed to break access to the newly created dataset for c3po and root on Sambashares. No idea how, I've only been stripping permissions and re-applying them.
I do have noticed something strange with the permissions/ownership of Bigdata.
On Proxmox it looks like this:
On SambaShares LXC it looks like this:
Somehow the ownership is not mapping correctly.
I my approach wrong or am I doing something wrong with setting permissions?
Help would be greatly appreciated.
Starting from scratch with a new LXC is no problem btw, or any other good solution. I wanted to steer clear of creating the shares directly on the Proxmox host, wanting to keep Proxmox as vanilla as possible.
I've setup a Proxmox server (single) and intend to use it for several things. One of those things is having my files from a ZFS pool shared over the network with SMB/Samba. Using the LXC SambaShares. And having several other LXC have read/write access to the Bigdata ZFS pool as well.
The ZFS pool has several datasets on them. The ZFS pool was migrated from a Truenas Scale server. Import on Proxmox went smooth, Proxmox immediately recognised the pools and imported them.
I've set the acltype to off on all datasets and the pool:
Code:
NAME PROPERTY VALUE SOURCE
bigdata acltype off default
bigdata/downloads acltype off default
bigdata/games acltype off default
bigdata/movies acltype off default
bigdata/movies_old acltype off local
bigdata/tvshows acltype off defaultAclmode:
Code:
NAME PROPERTY VALUE SOURCE
bigdata aclmode passthrough local
bigdata/downloads aclmode discard local
bigdata/games aclmode discard local
bigdata/movies aclmode passthrough inherited from bigdata
bigdata/movies_old aclmode passthrough local
bigdata/tvshows aclmode passthrough localI've created a unprivileged LXC (debian 12) named "SambaShares" and mounted the bigdata pool in it.
Created a user "c3po" on the LXC, UID within LXC is 1000.
Created a user on Proxmox "r2d2", UID is 1002.
Made r2d2 owner of all the files and folders in the Bigdata ZFS pool. Permissions set to 666 on all files and folders in Bigdata.
Did a lxc.idmap to map c3po to r2d2 in the LXC. LXC config:
Code:
arch: amd64
cores: 1
features: nesting=1
hostname: SambaShares
memory: 2048
mp1: /bigdata,mp=/mnt/bigdata
net0: name=eth0,bridge=vmbr0,firewall=1,hwaddr=xxxxxxxxx,ip=dhcp,type=veth
onboot: 1
ostype: debian
rootfs: local-lvm:vm-105-disk-0,size=8G
swap: 512
unprivileged: 1
lxc.idmap: u 0 100000 1000
lxc.idmap: u 1000 1002 1
lxc.idmap: u 1001 101001 64535
lxc.idmap: g 0 100000 1000
lxc.idmap: g 1000 1002 1
lxc.idmap: g 1001 101001 64535But when I login to SambaShares with c3po I cannot view the files on the ZFS pool. I can see the datasets in Bigdata but no files or folder in those datasets.
Screwing arround with creating new data sets and moving files there, I can make it work somewhat. Root and c3po of the LXC can see files in the new dataset.
But this did not sit me right for severals reasons: I would take ages to move evering thing ovev, MV command keeps permissions so I tried CP, but I have not enough room to duplicate everything and doing in phases takes a very long time. And second, I just want to understand why this is happening and fixing it.
So I've using `setfacl -bR /bigdata` to clear all ACLs. Setting permission on all the folder, even tried 777. But without success. I even managed to break access to the newly created dataset for c3po and root on Sambashares. No idea how, I've only been stripping permissions and re-applying them.
I do have noticed something strange with the permissions/ownership of Bigdata.
On Proxmox it looks like this:
Code:
root@proxmox:~# ls -ln /bigdata
total 180
drw-rw-rw- 9 1002 1002 11 Dec 6 16:41 downloads
drw-rw-rw- 8 1002 1002 10 Oct 16 2024 games
drw-rw-rw- 31 1002 1002 31 May 9 20:59 movies
drw-rw-rw- 457 1002 1002 458 May 9 20:06 movies_old
-rw-rw-rw- 1 1002 1002 0 May 9 16:01 test
drw-rw-rw- 104 1002 1002 105 Mar 1 22:51 tvshows
root@proxmox:~# ls -lah /bigdata
total 192K
drwxrwxrwx 8 r2d2 r2d2 9 May 9 19:10 .
drwxr-xr-x 20 root root 4.0K May 8 22:47 ..
drw-rw-rw- 9 r2d2 r2d2 11 Dec 6 16:41 downloads
drw-rw-rw- 8 r2d2 r2d2 10 Oct 16 2024 games
drw-rw-rw- 31 r2d2 r2d2 31 May 9 20:59 movies
drw-rw-rw- 457 r2d2 r2d2 458 May 9 20:06 movies_old
-rw-rw-rw- 1 r2d2 r2d2 0 May 9 16:01 test
drw-rw-rw- 104 r2d2 r2d2 105 Mar 1 22:51 tvshowsOn SambaShares LXC it looks like this:
Code:
root@SambaShares:~# ls -ln /mnt/bigdata
total 4
drwxr-xr-x 2 65534 65534 2 May 20 2022 downloads
drwxr-xr-x 2 65534 65534 2 May 20 2022 games
drwxr-xr-x 2 65534 65534 2 May 20 2022 homedir
drwxr-xr-x 2 65534 65534 2 May 9 17:10 movies
drwxr-xr-x 2 65534 65534 2 May 9 17:10 movies_old
-rw-rw-rw- 1 1000 1000 0 May 9 14:01 test
drwxr-xr-x 2 65534 65534 2 May 9 12:41 tvshows
root@SambaShares:~# ls -lah /mnt/bigdata
total 16K
drwxrwxrwx 8 c3po c3po 9 May 9 17:10 .
drwxr-xr-x 4 root root 4.0K May 8 21:16 ..
drwxr-xr-x 2 nobody nogroup 2 May 20 2022 downloads
drwxr-xr-x 2 nobody nogroup 2 May 20 2022 games
drwxr-xr-x 2 nobody nogroup 2 May 20 2022 homedir
drwxr-xr-x 2 nobody nogroup 2 May 9 17:10 movies
drwxr-xr-x 2 nobody nogroup 2 May 9 17:10 movies_old
-rw-rw-rw- 1 c3po c3po 0 May 9 14:01 test
drwxr-xr-x 2 nobody nogroup 2 May 9 12:41 tvshowsSomehow the ownership is not mapping correctly.
I my approach wrong or am I doing something wrong with setting permissions?
Help would be greatly appreciated.
Starting from scratch with a new LXC is no problem btw, or any other good solution. I wanted to steer clear of creating the shares directly on the Proxmox host, wanting to keep Proxmox as vanilla as possible.
Last edited: