Problem access Files, Nextcloud, impossible to create or delete files

Benjii · December 10, 2021, 1:21pm

My YunoHost server

Hardware: Beelink U59
YunoHost version: 4.3.2.2 (stable)
**I have access to my server : Through SSH & through the webadmin & direct access via keyboard / screen
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : yes, runing backports package because my GPU is not available with Debian 10, so I upgraded kernel of linux in 5.X Backports and forced it in the grub to launch the GPU pilots.

Description of my issue

My goal is to create a hoster cloud server through nextcloud. I have mounted a NAS in the fstab and have full read and write access to all the folders on the NAS from the computer.

So I subsequently installed Nextcloud, add the NAS to external media, but I cannot create, move, upload, a file. Only read access is allowed to me.
I tried a chmod 777, chown … and nothing helps.
Here is what I get when I try an action :

I’m out of ideas,

Thank you in advance for your help,
Good day,

Français

Description du problème

Mon but est de créer un serveur cloud hoster via nextcloud. J’ai monté un NAS dans le fstab et j’ai bien accès en écriture et en lecture à tous les dossiers présent sur le NAS depuis l’ordinateur.

J’ai donc par la suite installé Nextcloud, ajouter le NAS en media externe, mais il m’est impossible de créer, déplace, televerser, un fichier. Seul l’accès en lecture m’est autorisé.
J’ai essayé un chmod 777, chown … Et rien n’y fait.

Je suis à court d’idées,

Merci par avance pou votre aide,
Bonne journée,

Benjii · December 10, 2021, 3:05pm

Il semble que les permissions ne soient pas les même entre le dossier local de yunohost pour lequel tout fonctionne correctement et la connexion au nas en tant que stockage externe :

root@cyragroup:/home/bencg# ls -al /home/yunohost.app/nextcloud
total 12
drwxrwxrwx 3 root      root      4096 Dec 10 15:44 .
drwxr-xr-x 3 root      root      4096 Nov  9 15:38 ..
drwxr-x--- 9 nextcloud nextcloud 4096 Nov 12 12:53 data
root@cyragroup:/home/bencg# ls -al /media/nas
total 2624
drwxr-xr-x 2 bencg bencg       0 Dec 10 15:07  .
drwxr-xr-x 6 root  root     4096 Dec 10 13:49  ..
drwxr-xr-x 2 bencg bencg       0 Jan  2  2015 '01_ARCHITECTURE POST PRODUCTION'
drwxr-xr-x 2 bencg bencg       0 Dec 10 15:18  02_BIBLIOTHEQUE
drwxr-xr-x 2 bencg bencg       0 Oct 18 09:49  03_STOCK_RC

Mais impossible de changer cela avec le chown et chmod …

Merci d’avance pour l’aide !

wbk · December 10, 2021, 8:12pm

I have two ideas to look into:

Does Nextcloud support writing to external media? I used it, but read only, so I couldn’t comment on read/write access.
Yunohost uses ACL (access control lists) besides traditional ‘single’ file permissions. It could be that the nextcloud user does not have write permission to the mounted NAS locations.

Try browsing the filesystem as nextcloud user and see if you can create any files:

$ sudo su -
# su nextcloud
$ cd /media/nas/
etc

Did you consider mounting the NAS in the Nextcloud-directory, handily bypassing the external storage configuration? What are the reasons for not using it that way?

Pay attention with setfacl : you need to set current permissions, as well as default permissions in two seperate (or one complex) statements. The setfacl statement would be something like :

$ cd /media/nas
$ sudo setfacl -Rm u:nextcloud:rx 02_BIBLIOTHEQUE/
$ sudo setfacl -dRm u:nextcloud:rx 02_BIBLIOTHEQUE/

(copied from a thread about access to the filesystem for another user, in your case ‘nextcloud’)

Benjii · December 11, 2021, 4:05pm

Hello @wbk,

Thanks a lot for your answer.

Here is what I get :

su nextcloud
This account is currently not available.

Yes at first, it was what I wanted to do… But the problem remains the same. I first want to make work as an external storage and then, I will migrate everything in the nas.

For this command line, I get this for all subfolder :

setfacl: 01_ARCHITECTURE POST PRODUCTION/: Operation not supported
setfacl: 01_ARCHITECTURE POST PRODUCTION//03 PROJET MONTAGE: Operation not supported

The same for this one

Thanks again to provide help !

wbk · December 11, 2021, 5:39pm

Hmm… Most Yunohost users have no permission to use Bash or log in. I think you can circumvent that, by temporarily adding user nextcloud to the SSH-users-group in the Yunohost usergroup configuration. You won’t know its password (and I would not change it), but with some luck you can after that su -u nexctloud after that (or make public key SSH login working, but that is for later).

Ok, yes, of course.

How is the NAS mounted? Maybe setfacl can only be run on the filesystem directly, or not via all network mount protocols. For sure, I think sshfs does not support it, compare getfacl for my Yunohost /home/yunohost.app/nextcloud/data first mounted via sshfs and then when executed directly on the filesystem;
via SSHFS:

~/sshfs/yunohost.app/nextcloud/data$ getfacl .
# file: .
# owner: 993
# group: 993
user::rwx
group::rwx
other::---

on Yunohost directly

:/home/yunohost.app/nextcloud/data$ getfacl .
# file: .
# owner: nextcloud
# group: nextcloud
user::rwx
user:yunotest:rwx
user:yunouser:rwx
group::r-x
group:borgssh:rwx
mask::rwx
other::---
default:user::rwx
default:user:yunotest:rwx
default:group::r-x
default:group:13268:rwx
default:mask::rwx
default:other::---

This situation may be the reverse of your situation, so perhaps it is the wrong direction to look in (I mounted Yunohost on my desktop, instead of NAS on Yunohost; the result of ACL on Yunohost is that only part of the mounted Yuno-FS is visibile on the desktop)

Hey! But still: your nextcloud user is probably not allowed to write to /mnt!

I’m having dinner first, maybe this already helps a bit

system · December 26, 2021, 5:39pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.