2019-03-26, 10:33
Is it possible you mount export the NFS share as ro (read only)?
Please show me your exports files and how you mount that share.
Please show me your exports files and how you mount that share.
2019-03-26, 11:40
(2019-03-26, 10:33)DaVu Wrote: Please show me your exports files and how you mount that share.Ok... HOW do you want me to show you...?
Regarding the NFS-mount, I just defined the sources as NFS share when adding videos. But I'm gonna check this .
Please give me some time as I'm not at home at the moment.
2019-03-26, 11:52
(2019-03-26, 00:42)Karellen Wrote: It definitely looks like a permission issue. The end of the above line states the current permission is --- but the required permission is rw-
What I already checked on the NAS with chmod is that every media- / videofolder has permissions for read, write and execute by owner, by group AND by others.
Except the .actor folder, which only has permission for read, write and execute by owner and NOT for group and others. The owner is nfsnobody
2019-03-26, 12:08
SSH into your NAS and get me the output of
If SSH is currently not possible then you might be able to enable that at the NAS settings.
Setting up NFS shares using some NAS GUI is sometimes more difficult than doing it manually
If a NFS share is exported (shared) as RO (read-only) then it's read-only. No matter what you do on the files permissions
cat /etc/exportsIf SSH is currently not possible then you might be able to enable that at the NAS settings.
Setting up NFS shares using some NAS GUI is sometimes more difficult than doing it manually
If a NFS share is exported (shared) as RO (read-only) then it's read-only. No matter what you do on the files permissions
2019-03-26, 16:27
Thanks.
The shares aren't exported as read-only. So far so good
Please check if your passwd file contains an user named "nobody" or "anonymous" which has the UID and GID 99. No need to show that file here. Check that yourself with
What I also see is, that you are using this:
"/raiddata/0/_NAS_NFS_Exports_/CM" *
where
"/raiddata/0/_NAS_NFS_Exports_/CM" *(rw,fsid=1,no_root_squash,secure,async,no_subtree_check,anonuid=99,anongid=99)
and:
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.126(rw,fsid=3,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.128(rw,fsid=4,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.132(rw,fsid=5,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
for a test, I would probably use "insecure" on all exports. "insecure" means that connections above port 1024 will be allowed.
The "no_root_squash" can for sure be used. That simply means, that files which the user "root" writes to that share isn't 'squashed' to the UID/GID "99". So the files will have the UID/GID "0". If you want that, then leave it as it is. If you don't want that, then change "no_root_squash" to "all_squash" or "root_squash". An example where this might be useful is if you are using LibreELEC which only has a single user ("root") and if you then export your library using LibreELEC the files written on the NAS will all have UID/GID "0" and probably can't be read/overwritten by another client which connects as a non-root-user.
I have no idea which ID an android device is using. So probably changing that to "all_squash" might also help.
The shares aren't exported as read-only. So far so good
Please check if your passwd file contains an user named "nobody" or "anonymous" which has the UID and GID 99. No need to show that file here. Check that yourself with
grep "99" /etc/passwd and please confirm if it exists or not.What I also see is, that you are using this:
"/raiddata/0/_NAS_NFS_Exports_/CM" *
where
* means any IP in that range is allowed to access this exported folder. and then you are separating specific IPs. What's the reason for that? If you, on the one hand allow ANY IP to be able to connect to that share, there's no need to specifically allow other IPs to connect to the same export. What I see as well, and there's a little difference:"/raiddata/0/_NAS_NFS_Exports_/CM" *(rw,fsid=1,no_root_squash,secure,async,no_subtree_check,anonuid=99,anongid=99)
and:
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.126(rw,fsid=3,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.128(rw,fsid=4,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
"/raiddata/0/_NAS_NFS_Exports_/CM" 192.168.1.132(rw,fsid=5,no_root_squash,insecure,async,no_subtree_check,anonuid=99,anongid=99)
for a test, I would probably use "insecure" on all exports. "insecure" means that connections above port 1024 will be allowed.
The "no_root_squash" can for sure be used. That simply means, that files which the user "root" writes to that share isn't 'squashed' to the UID/GID "99". So the files will have the UID/GID "0". If you want that, then leave it as it is. If you don't want that, then change "no_root_squash" to "all_squash" or "root_squash". An example where this might be useful is if you are using LibreELEC which only has a single user ("root") and if you then export your library using LibreELEC the files written on the NAS will all have UID/GID "0" and probably can't be read/overwritten by another client which connects as a non-root-user.
I have no idea which ID an android device is using. So probably changing that to "all_squash" might also help.
2019-03-26, 17:29
Ok, step by step ;-)
1) The result of grep "99" /etc/passwd -> nobody:*:99:99:nobody:/:
2) Yes, I know that I first defined "/raiddata/0/_NAS_NFS_Exports_/CM" * and then later I added the NAS itself (......1.120) to the list, which might be of no sense.
(I'm gonna try to delete this entry) The problem is, that on the Thecus, you have to decide between Unic / Linux and AIX OS support in the NFS setup for each entry.
Android needs AIX support, the NAS itself Unix / Linux of course. Setting to AIX seems to set the "insecure" entry and Unix / Linux the "secure" entry. So there seems to be no chance for seeting the NAS itself to "insecure" ... you cannot set it directly.
3) In the NFS setup for each host you can decide between a) Root (root:root) and b) Anonymous (nobody:nogroup) . As I understand what you explained, "no_root_squash" is when you set Root (root:root).
I will try set the ID to Anonymous , which will cause "all_squash" I suspect.
1) The result of grep "99" /etc/passwd -> nobody:*:99:99:nobody:/:
2) Yes, I know that I first defined "/raiddata/0/_NAS_NFS_Exports_/CM" * and then later I added the NAS itself (......1.120) to the list, which might be of no sense.
(I'm gonna try to delete this entry) The problem is, that on the Thecus, you have to decide between Unic / Linux and AIX OS support in the NFS setup for each entry.
Android needs AIX support, the NAS itself Unix / Linux of course. Setting to AIX seems to set the "insecure" entry and Unix / Linux the "secure" entry. So there seems to be no chance for seeting the NAS itself to "insecure" ... you cannot set it directly.
3) In the NFS setup for each host you can decide between a) Root (root:root) and b) Anonymous (nobody:nogroup) . As I understand what you explained, "no_root_squash" is when you set Root (root:root).
I will try set the ID to Anonymous , which will cause "all_squash" I suspect.
2019-03-26, 17:48
2019-03-26, 17:50
As you NAS has the IP 120 at the end I was at no point referring to your NAS. I was referring to the entry where you set
The entry which allows any IP has the "secure" flag. The entries which allow only specific IPs have the insecure flag. I have the insecure flag nearly on any of my exports (not at home, so I can't check) and I don't use Android anywhere to connect to them. So it's all Linux in my case. As said, the "secure"/"insecure" flag only means "do not support ports above 1024" (secure) and "allow ports above 1024" (insecure).
For reference and as you are german: https://wiki.ubuntuusers.de/NFS/
That page explains it pretty well (and I partly helped on that page).
You could also edit the file per hand. So you don't need to "guess" what the NAS does if it doesn't fulfill your needs. That's what I have done with the Synology NAS here at work, as it hasn't set the option in the way I want them to be. Therefore I edited the file manually which was way faster
* which will mean ANY IP is allowed to connect to that export and to those entries where you specifically allow the IPs 126, 128 and 132.The entry which allows any IP has the "secure" flag. The entries which allow only specific IPs have the insecure flag. I have the insecure flag nearly on any of my exports (not at home, so I can't check) and I don't use Android anywhere to connect to them. So it's all Linux in my case. As said, the "secure"/"insecure" flag only means "do not support ports above 1024" (secure) and "allow ports above 1024" (insecure).
For reference and as you are german: https://wiki.ubuntuusers.de/NFS/
That page explains it pretty well (and I partly helped on that page).
You could also edit the file per hand. So you don't need to "guess" what the NAS does if it doesn't fulfill your needs. That's what I have done with the Synology NAS here at work, as it hasn't set the option in the way I want them to be. Therefore I edited the file manually which was way faster
2019-03-26, 18:23
2019-03-26, 20:14
To add - insecure is a must for alle exports that are accessed by Kodi. If you don’t have this flag on the exports Kodi would need to be run as root User to be able to connect to them (you don’t want this usually)
Step 2 is to squash all users to a defined uid/gif (nobody for example) and ensure that the filesystem gives proper access to that uid.
Step 2 is to squash all users to a defined uid/gif (nobody for example) and ensure that the filesystem gives proper access to that uid.
2019-03-26, 20:52
Can you describe me where and how I can set this "insecure" flag manually please ? Sorry, I'm not so familiar with Linux....
2019-03-26, 23:03
That might depend which editor is available on your NAS. If it's nano, then it's easy and most likely self explained. Simply try
nano /etc/exports it could be possible that you need to add "sudo" in front. But the command line will tell you. In case you need to add that, then the command looks like sudo nano /etc/exports. If "nano" isn't available at all (error will be "command not found" or similar), then you might need to deal with "vi" or "vim" which is a bit more complicated to understand if you never tried it before. So let's hope "nano" is available
2019-03-27, 01:05
(2019-03-26, 23:03)DaVu Wrote: That might depend which editor is available on your NAS. ....Ok, nano was not available on the Thecus, so I did it using MC and set the NAS itself to "insecure" flag !
A BIG STEP !!!!! Probably the SOLUTION !!
After restarting Kodi, export to separate worked without error message that the folder can not be written (Ordner nicht beschreibbar) for the first time !!
Checking the media folder on the NAS I found that most of the NFO files had been written ! YEAH.....
So thanks a lot for helping me on this issue to DaVu, Karellen and Memphiz also for his important info !!! I had no chance to solve this problem without your help !!
The only thing I would like to find out now is, why Kodi now did not write a NFO file to every media-folder. Some are missing....
Good night...
