docker-samba
docker-samba copied to clipboard
crazy-max
Cannot delete files but can create them
Behaviour
I am running this in kubernetes, I can connect to the share on my mac and I can create/read/update files but I cannot delete them.
Steps to reproduce this issue
- create share
- connect via
smb://{user}@{host_ip}:{port}/{share} - create, read, update, works but not delete
Configuration
- Mac version : Big Sur 11.6
- Docker version (type
docker --version) : MicroK8s 1.23 - Platform (Debian 9, Ubuntu 18.04, ...) : Ubuntu 20.04
- System info (type
uname -a) :Linux worker-node-1 5.4.0-1052-raspi #58-Ubuntu SMP PREEMPT Mon Feb 7 16:52:35 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux - Include all necessary configuration files :
docker-compose.yml,.env, ...
kubernetes manifests:
---
apiVersion: v1
kind: ConfigMap
metadata:
name: samba-config
namespace: share
labels:
app.kubernetes.io/instance: samba
app.kubernetes.io/name: samba
data:
config.yml: |-
auth:
- user: apollorion
group: apollorion
uid: 1000
gid: 1000
password: apollorion
global:
- "force user = root"
- "force group = root"
- "writable = yes"
share:
- name: share
path: /mnt/share
browsable: yes
readonly: no
guestok: no
validusers: apollorion
writelist: apollorion
veto: no
adminusers: apollorion
---
apiVersion: v1
kind: Service
metadata:
name: samba
namespace: share
labels:
app.kubernetes.io/instance: samba
app.kubernetes.io/name: samba
spec:
type: NodePort
ports:
- port: 139
targetPort: netbios
protocol: TCP
name: netbios
- port: 445
targetPort: tcp
protocol: TCP
name: tcp
selector:
app.kubernetes.io/name: samba
app.kubernetes.io/instance: samba
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: samba
namespace: share
labels:
app.kubernetes.io/instance: samba
app.kubernetes.io/name: samba
spec:
revisionHistoryLimit: 3
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app.kubernetes.io/name: samba
app.kubernetes.io/instance: samba
template:
metadata:
labels:
app.kubernetes.io/name: samba
app.kubernetes.io/instance: samba
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/hostname
operator: In
values:
- worker-node-1
automountServiceAccountToken: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
containers:
- name: samba
image: "ghcr.io/crazy-max/samba:4.15.5"
imagePullPolicy: Always
env:
- name: TZ
value: UTC
- name: LOG_LEVEL
value: DEBUG
ports:
- name: netbios
containerPort: 139
protocol: TCP
- name: tcp
containerPort: 445
protocol: TCP
volumeMounts:
- name: config
mountPath: /data/config.yml
subPath: config.yml
- name: share
mountPath: /mnt/share
volumes:
- name: config
configMap:
name: samba-config
- name: share
hostPath:
path: /mnt/share
Logs
Setting timezone to UTC
Initializing files and folders
Setting global configuration
Creating user apollorion/apollorion (1000:1000)
Added user apollorion.
Add global option: force user = root
Add global option: force group = root
Add global option: writable = yes
Creating share share
Load smb config files from /etc/samba/smb.conf
Loaded services file OK.
Weak crypto is allowed
WARNING: The 'netbios name' is too long (max. 15 chars).
Server role: ROLE_STANDALONE
# Global parameters
[global]
disable netbios = Yes
disable spoolss = Yes
dns proxy = No
local master = No
map to guest = Bad User
pam password change = Yes
printcap name = /dev/null
security = USER
server role = standalone server
server services = s3fs, rpc, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
server string = Docker Samba Server
smb ports = 445
unix extensions = No
usershare allow guests = Yes
winbind scan trusted domains = Yes
fruit:time machine = yes
fruit:delete_empty_adfiles = yes
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:veto_appledouble = no
fruit:posix_rename = yes
fruit:model = MacSamba
fruit:metadata = stream
idmap config * : backend = tdb
create mask = 0664
directory mask = 0775
force create mode = 0664
force directory mode = 0775
force group = root
force user = root
hosts allow = 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
hosts deny = 0.0.0.0/0
printing = bsd
strict locking = No
vfs objects = fruit streams_xattr
wide links = Yes
[share]
admin users = apollorion
delete veto files = Yes
path = /mnt/share
valid users = apollorion
veto files = /._*/.apdisk/.AppleDouble/.DS_Store/.TemporaryItems/.Trashes/desktop.ini/ehthumbs.db/Network Trash Folder/Temporary Items/Thumbs.db/
write list = apollorion
smbd version 4.15.5 started.
Copyright Andrew Tridgell and the Samba Team 1992-2021
unix_convert: talloc_asprintf failed
_mdssvc_open: Couldn't create policy handle for share
unix_convert: talloc_asprintf failed
Directory privileges on host:
pi@worker-node-1:/mnt/share$ ls -lah
total 388K
drwxrwxrwx 1 root root 128K Aug 25 02:28 .
drwxr-xr-x 3 root root 4.0K Aug 24 15:58 ..
-rwxrwxrwx 1 root root 12 Aug 25 02:09 file.txt
Directory privileges in container:
total 388K
drwxrwxrwx 1 root root 128K Aug 25 02:28 .
drwxr-xr-x 1 root root 4.0K Aug 25 02:57 ..
-rwxrwxrwx 1 root root 12 Aug 25 02:09 file.txt
Directory privileges on macosx via samba:
total 320
drwxrwxrwx 1 apollorion staff 16K Aug 24 22:28 .
drwxr-xr-x 4 root wheel 128B Aug 24 22:58 ..
-rwxrwxrwx 1 apollorion staff 12B Aug 24 22:09 file.txt
