Y'all are trans, and I know how much you trans Zoomers code (no idea if that's a Linux thing or not tho), so I thought I might try Hexbear for some tech help. I'm fried, I've watched so damn many tutorials and read so many threads on this but I can't seem to work it out. I barely know a few basic commands in the console, and the alphabet soup of different directories, programs, and the very language that's used to discuss Linux is too much for me to process. I've learned a lot, but I need some help.

I've built a pretty nice server that's not doing much right now besides NAS storage. I'm running a TrueNAS scale VM on Proxmox, I'm filling it up with all my pirate booty, and I want to watch it through Jellyfin, which I have installed to an LXC container (unprivileged for security, tried it both ways and I can't get it). The problem is, how do I get jelly to see the NAS drive? I don't know how to map it one way or another. I'm running the storage through an HBA in ZFS mirror with an SMB data set that I can see just fine and access in Windows, but jelly seems to just be stuck in it's own little world.

I've seen things about creating users within jelly, which I tried, and it just tells me that the user I supposedly created with SMB credentials doesn't exist. Tried using the GUI to find the NAS via IP, no dice. I'm fucking tired, I've been at it for a week or so now, I just want to watch a movie this weekend.

  • YearOfTheCommieDesktop [they/them]
    ·
    1 year ago

    I mean it's not ideal but I can't think of why it would be an issue. If it breaks then worry about fixing it, imo

    anyhow fuck yea! gl sailing the seas :rat-salute:

    • tactical_trans_karen [she/her, comrade/them]
      hexagon
      ·
      edit-2
      1 year ago

      New problem, Can't connect to the drive from windows now... What have I done?!! aubrey-cry-2

      Edit: Windows was giving me a code, I couldn't even get to a point of entering credentials. I followed a tutorial to get it back up and running. Now I can enter credentials, but it won't accept any of them...

      Edit 2: Now the Jellyfin container won't start! 😭 😭 😭

      Edit 3: Windows can't see the drive again... I'm about done.

      • YearOfTheCommieDesktop [they/them]
        ·
        edit-2
        1 year ago

        Noooo

        hmm. shit.

        well first off, it sounds like there are some issues that can prevent multiple clients from mounting the same share but I havent found a lot of specifics...

        any chance you could check first: is your SMB share set to use ACLs for permissions? I think this would be the Enable ACLs checkbox under advanced options on the smb share. it doesnt necessarily need to be but it chnges how permissions are done

        Then ideally you'd check the logs to see what error the server side is spitting out when it fails. So, get the windows computer ready to try connecting to the share, then run tail -f /var/log/samba4/log.smbd, then try connecting and see what that tail spits out. then Ctrl-C to quit out of the tail.

        could do the same thing for the lxc but if it's not starting maybe best to stick to one problem at a time to start with

        • tactical_trans_karen [she/her, comrade/them]
          hexagon
          ·
          1 year ago

          Okay, so here's what I did. I cleared the ACL on the SMB share, then unchecked the enable ACL box. The LXC finally started again, still don't know what was going on there. I worked and was able to access the NAS just fine and stream things. But once I turned off the ACL it doesn't have access anymore. The tail command gave me this:

          ../../lib/util/access.c:372(allow_access) Denied connection from

          While that was running I tried to log in to the drive through windows, which is still seeing the NAS, but when I type in the password it doesn't even register as an attempt on the log now. Previously my attempts to log on showed up under alerts, now nothing and the connection attempts are non stop from the LXC....

          Update even before I post: I was able to manually enter in the PVE IP as an "allowed" host under the SMB share and now Jellyfin can do its thing. I tried to access the share drive on my phone and it couldn't get on, so I added my phone's IP to the list and it works again. But when I add my main PC's IP to the list it still won't allow access. So it's clearly a setting on my PC now - the tails command still isn't registering any attempt from my PC. I feel like this should only be a temporary fix.

          • YearOfTheCommieDesktop [they/them]
            ·
            edit-2
            1 year ago

            Huh interesting. Well I'm glad it's kinda working at least...

            On the windows PC, are you relying on it to autodetect the share and pop up under "Network" or whatever they call it these days? And if so is it just not appearing or is it appearing but not able to open?

            Or are you manually connecting using the IP and stuff like on linux? It seems like it could make a difference. To manually try opening it you could use the run shortcut, Windows Key+R and then type in the share IP/name like this (backslashes because windows has to be different): \\192.168.x.xxx\Media

            If there's still no connection attempt even registered in the logs when trying that then maybe it's a firewall issue? I don't know how your network is setup or how proxmox handles that sort of thing but that's what I would suspect

            and yeah IP whitelisting is fine if your IPs don't change but unless you've configured static addresses for those devices they eventually will, probably

            • tactical_trans_karen [she/her, comrade/them]
              hexagon
              ·
              1 year ago

              Okay, so I tried a manual connect, it asked for user and password and denied me - it didn't register as an attempt. "TrueNAS" shows up as a network file in windows explorer, when I try to connect it asks for credentials as well, no dice and no blip on the NAS. I'll plink around with my firewall settings and see if I can find something.

              For static IPs, that will come next.

              • YearOfTheCommieDesktop [they/them]
                ·
                1 year ago

                there's one thing you could try but if there's nothing in the logs idk...

                you could try appending a backslash to the user to indicate it's a user on the NAS side not a local user. i.e. for the username put 192.168.x.xxx\ or possibly .\

                https://superuser.com/questions/1616928/windows-10-sends-wrong-user-to-smb-share I would think it would show in the logs though. could be something on the windows side blocking you. Was there any detailed error message on the windows side when you try the connect?

                • tactical_trans_karen [she/her, comrade/them]
                  hexagon
                  ·
                  1 year ago

                  Okay, no dice and no registry of any hits on the NAS for adding slashes. I fiddled around with some credential settings in TrueNAS because one of the error messages said this:

                  Show

                  So I noticed it said 'multiple users with same credentials' so I made a new user for my phone specifically and switched my phone's login to that user, it works fine. I tried my user from my desktop and nothing still. I just tells me I might not have permissions and prompts for a password. For a brief second I was able to log in as root from windows and I saw the media drive, but when I clicked on the folder it prompted me for credentials again and I can't log back in as root again...

                  I'm not sure the link you shared is it, I'll poke around with it though.

                  • YearOfTheCommieDesktop [they/them]
                    ·
                    edit-2
                    1 year ago

                    https://dougrathbone.com/blog/2018/04/02/fixing-broken-samba-sharing-after-installing-the-latest-version-of-windows-10

                    or

                    https://tech.nicolonsky.ch/windows-10-1709-cannot-access-smb2-share-guest-access/

                    might be relevant. the 2nd one makes more sense to me, since maybe the IP-whitelisting causes it to count as a "guest" login?

                    Edit: Honestly not convinced either of those are it. running on almsot no sleep today

                  • YearOfTheCommieDesktop [they/them]
                    ·
                    edit-2
                    1 year ago

                    on further thought, maybe this latest error is a legit permissions issue on the server. does that new user that generated this message work from other devices?

                    digging into the windows-compatible ACL settings is not my forte if it is that