No read/write permission for subfolders inside the Backup folder

[chatulim]

Describe the bug When mounting the LBB via Netatalk(?) in the Finder on my Mac, the folders inside the "Internal" shared folder all have permissions set to no access.

To Reproduce Steps to reproduce the behavior:

1. Plug in LBB to USB power
2. In the Finder on a Mac, use "connect to server" to view the contents of the LBB (don't know how this would translate to other systems).
3. Select the "Internal" shared folder
4. See that all of the sub-folders have the "do not enter" badge.
5. Try to view the contents of a folder, get rejected.

Expected behavior In at least one of the prior iterations of the development version of LBB, the permissions on the subfolders were set to "read/write" -- as expected. At the moment, I can manually change the permissions to be able to view the contents of the backed-up folders, but it adds an unnecessary additional step.

Screenshots

Desktop (please complete the following information):

• Raspberry Pi Zero 2 W running Bullseye
• LBB Development branch
• Mac Mini running Mac OS 13.4 Ventura

[outdoorbits]

I do not use apple devices, so I can't test this. But I just browsed the folders via filebrowser/smb without any problems. When I login via ssh and check the permissions, I get this:

pi@raspberrypi:~ $ ls -la /media/ total 152 drwxrwxrwx+ 5 www-data www-data 4096 Sep 20 21:22 . drwxr-xr-x 18 root root 4096 Sep 17 09:12 .. drwxrwxrwx+ 3 www-data www-data 4096 Sep 12 20:17 backgroundimages -rw-r--r-- 1 www-data www-data 368 Sep 17 09:26 buttons.private.cfg drwxrwxrwx+ 3 www-data www-data 4096 Sep 18 15:43 internal drwxrwxrwx 6 www-data www-data 131072 Sep 20 21:22 local_target -rw-r--r-- 1 www-data www-data 1005 Sep 17 09:26 rclone.conf

All folders are owned by www-data and permissions are rwx to the world. Is it the same on your device?

[chatulim]

I do not use apple devices, so I can't test this. But I just browsed the folders via filebrowser/smb without any problems. When I login via ssh and check the permissions, I get this:

pi@raspberrypi:~ $ ls -la /media/ total 152 drwxrwxrwx+ 5 www-data www-data 4096 Sep 20 21:22 . drwxr-xr-x 18 root root 4096 Sep 17 09:12 .. drwxrwxrwx+ 3 www-data www-data 4096 Sep 12 20:17 backgroundimages -rw-r--r-- 1 www-data www-data 368 Sep 17 09:26 buttons.private.cfg drwxrwxrwx+ 3 www-data www-data 4096 Sep 18 15:43 internal drwxrwxrwx 6 www-data www-data 131072 Sep 20 21:22 local_target -rw-r--r-- 1 www-data www-data 1005 Sep 17 09:26 rclone.conf

All folders are owned by www-data and permissions are rwx to the world. Is it the same on your device?

Here's what I get with the same command:

pi@lbbox-ii:~ $ ls -la /media/
total 20
drwxrwxrwx+  4 www-data www-data 4096 Sep 20 21:54 .
drwxr-xr-x  18 root     root     4096 May  3 03:26 ..
drwxrwxrwx+  3 www-data www-data 4096 Sep 20 18:22 backgroundimages
-rw-r--r--   1 www-data www-data  368 Sep 20 21:39 buttons.private.cfg
drwxrwxrwx+  4 www-data www-data 4096 Sep 21 16:43 internal
-rw-r--r--   1 www-data www-data    0 Sep 20 21:39 rclone.conf

[outdoorbits]

This means, permissions on file system level are correct. smbd also allows full access to user lbb. I added a samba server restart command after creating a media folder now. Because I can't reproduce the error, I can't check the effect. Any changes? Just for understanding: You are using an apple device and wont to browse the samba shares, right? If I'm right, Netatalk isn't used to mount network paths but to share, right? It's a server, not a client. Isn't it?

[chatulim]

This means, permissions on file system level are correct. smbd also allows full access to user lbb. I added a samba server restart command after creating a media folder now. Because I can't reproduce the error, I can't check the effect. Any changes? Just for understanding: You are using an apple device and wont to browse the samba shares, right? If I'm right, Netatalk isn't used to mount network paths but to share, right? It's a server, not a client. Isn't it?

I am not sure about the specifics of Samba vs. Netatalk, so I may be using incorrect terminology. I am using Apple devices (Mac & iPhone), and I want to browse the folders on the LBB that are shared over the network. Mostly because that is the easiest way for me to access the backed-up files on the internal micro SD card of the LBB (since I only have Apple devices, which can't read Ext4).

When I try to see the files on my Mac, I get an "incorrect permissions" message. However, when I try to do the same from an iPhone, I have no problem drilling down into the folders to see the image files.

What makes this particularly weird, is that it is still possible on the Mac for me to manually set the relevant sub-folders to "Read/Write" -- using the Mac GUI (not the terminal)... I'm not sure if this is a bug in Mac OS or some specific quirk of LBB (or Raspberry Pi, or Linux, or ???), but this is how it is.

[outdoorbits]

Very hard to say for me. As it is working on your iPhone but not on your mac - but ... I found an interesting site, describing how to get better mac compatibility:

https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X

As I can not test it, could you figure out the changes needed in /etc/samba/smb.conf? You can test it by editing it:

sudo nano /etc/samba/smb.conf

and

sudo service smbd restart

As soon as you find it out, I'll update lbb.

Thank you!

[chatulim]

https://wiki.samba.org/index.php/Configure_Samba_to_Work_Better_with_Mac_OS_X As I can not test it, could you figure out the changes needed in /etc/samba/smb.conf? You can test it by editing it: sudo nano /etc/samba/smb.conf and sudo service smbd restart

Just to clarify: I should make the edits to the samba file on LBB (not on my Mac). Please confirm.

[outdoorbits]

Yes, please edit the LBB samba configuration. I hope this will bring compatibility.

[chatulim]

Yes, please edit the LBB samba configuration. I hope this will bring compatibility.

Done. And it worked.

The original smb.config file starts like this:

### Global Settings ###
[global]
workgroup = WORKGROUP
wide links = yes
unix extensions = no
dns proxy = no

### Debugging/Accounting ###

...I did not delete anything or change any existing parameters -- I just added in the "recommended fruit config" from wiki.samba.org:

### Global Settings ###
[global]
workgroup = WORKGROUP
wide links = yes
unix extensions = no
dns proxy = no
vfs objects = fruit streams_xattr
fruit:metadata = stream
fruit:model = MacSamba
fruit:posix_rename = yes
fruit:veto_appledouble = no
fruit:nfs_aces = no
fruit:wipe_intentionally_left_blank_rfork = yes
fruit:delete_empty_adfiles = yes

### Debugging/Accounting ###

Then I restarted Samba and that seemed to solve the problem. I do not know which of the added lines did the trick, or if there is some other problem that was introduced by the addition, but as of now the permissions issue seems to be solved.

[outdoorbits]

Would you please update development version and check the function again? I just added the samba config part.

[chatulim]

Would you please update development version and check the function again? I just added the samba config part.

I reverted to the old samba config to make sure the problem came back (it did). Then I updated to the latest development version to confirm that the problem was gone. It was.

So that's it for me. As far as my testing goes, you are ready to ship.

;-)