home-assistant / core

:house_with_garden: Open source home automation that puts local control and privacy first.
https://www.home-assistant.io
Apache License 2.0
71.11k stars 29.79k forks

Backups to NFS share are made as root #97962

Closed ryanwalder closed 8 months ago

ryanwalder commented 1 year ago

The problem

Backups to an NFS share are created/permissioned as the root user. This is not ideal.

Please allow us to define the user/group (or uid/gid) that HA should access the NFS share as, or at the very minimum chown the resulting backup files as.

What version of Home Assistant Core has the issue?

core-2023.8.1

What type of installation are you running?

Home Assistant OS

home-assistant[bot] commented 1 year ago

Hey there @home-assistant/supervisor, mind taking a look at this issue as it has been labeled with an integration (hassio) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of `hassio` can trigger bot actions by commenting:

- `@home-assistant close` Closes the issue.
- `@home-assistant rename Awesome new title` Renames the issue.
- `@home-assistant reopen` Reopen the issue.
- `@home-assistant unassign hassio` Removes the current integration label and assignees on the issue, add the integration domain after the command.

(message by CodeOwnersMention)



agners commented 1 year ago

The Backup writing container is the Supervisor container, and it runs as root by default, so that is where this originates.

Do you use NFSv3 or NFSv4? It seems these behave fundamentally differently in terms of how user/group IDs are determined. All in all, controlling uid/gid from the client side would need quite a bit of work on the Supervisor and/or OS side.

However, you can control uid/gid on the server side relatively easily by forcing anonymous users: Use the following option for your export for Home Assistant: `all_squash,anonuid=<uid>,anongid=<gid>`. Technically for Home Assistant also `root_squash` would be enough. See also the man page of `exportfs`.
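The squash options in the comment above decide which uid/gid end up on files that a root client such as the Supervisor container writes. As an added example (not code from Home Assistant or from this thread), the following Python script parses exports(5)-style text and reports that owner per export and client; the sample export lines, paths, addresses and ids are constructed, and 65534 as the anonymous default is an assumption.

```python
# Assumption: 65534 ("nobody") is the usual Linux default when anonuid/anongid are unset.
DEFAULT_ANON = 65534

# Constructed sample in exports(5) syntax; paths, addresses and ids are made up.
SAMPLE_EXPORTS = """\
/srv/backups/ha   192.0.2.10(rw,sync,all_squash,anonuid=1050,anongid=1050)
/srv/backups/raw  192.0.2.10(rw,sync,no_root_squash)
/srv/media        192.0.2.0/24(rw,sync)   # root_squash is the default
"""


def parse_exports(text):
    """Yield (path, client, [options]); quoted paths and '-opts' groups are not handled."""
    for line in text.replace("\\\n", " ").splitlines():   # join continuation lines
        line = line.split("#", 1)[0].strip()              # drop comments
        if not line:
            continue
        path, *entries = line.split()
        for entry in entries:
            client, _, rest = entry.partition("(")
            opts = [o for o in rest.rstrip(")").split(",") if o]
            yield path, client, opts


def root_write_owner(opts):
    """Return the (uid, gid) that files written by client-side root end up with."""
    root_squash, all_squash = True, False                 # server-side defaults
    anon = {"anonuid": DEFAULT_ANON, "anongid": DEFAULT_ANON}
    for opt in opts:
        key, _, value = opt.partition("=")
        if key in ("root_squash", "no_root_squash"):
            root_squash = key == "root_squash"
        elif key in ("all_squash", "no_all_squash"):
            all_squash = key == "all_squash"
        elif key in anon:
            anon[key] = int(value)
    # all_squash wins over no_root_squash: every uid is mapped to the anonymous id
    return (anon["anonuid"], anon["anongid"]) if (all_squash or root_squash) else (0, 0)


def audit(text):
    """Map (path, client) -> owner of files a root writer (e.g. Supervisor) creates."""
    return {(p, c): root_write_owner(o) for p, c, o in parse_exports(text)}


if __name__ == "__main__":
    for (path, client), (uid, gid) in audit(SAMPLE_EXPORTS).items():
        flag = "  <-- backups will be owned by root" if uid == 0 else ""
        print(f"{path} {client}: uid={uid} gid={gid}{flag}")
```
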

ryanwalder commented 1 year ago

I use NFSv4. But yeah I ended up using `all_squash,anonuid=<uid>,anongid=<gid>` for my setup. Just thought I'd raise an issue as IMO root as the default user is bad, even if it is a complex fix.

agners commented 1 year ago

AFAIK NFSv4 uses usernames in the protocol. So we'd have to add a new config for NFSv4 to let the user specify I guess :thinking:

DivanX10 commented 12 months ago

How do I add a network drive created in Synology? Neither Samba nor NFS works, I get an error

```
Failed to to call /mounts - does not match regular expression ^[^\\/]+ for dictionary value @ data['share']. Got '/volume1/BackUP/hassio_vmm
```


Through the samba-backup addon, I successfully place backups on Synology. I specify exactly the same parameters for connecting a network drive and it does not work. How do I set it up?

```yaml
host: 192.168.1.200
share: BackUP
target_dir: hassio_vmm
username: NAS Backup
password: password
keep_local: 7
keep_remote: 10
trigger_time: "07:00"
trigger_days:
  - Mon
  - Tue
  - Wed
  - Thu
  - Fri
  - Sat
  - Sun
exclude_addons: []
exclude_folders: []
backup_name: "{type} Snapshot {date}"
workgroup: WORKGROUP
```

issue-triage-workflows[bot] commented 9 months ago

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates. Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍 This issue has now been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.