Y'all are trans, and I know how much you trans Zoomers code (no idea if that's a Linux thing or not tho), so I thought I might try Hexbear for some tech help. I'm fried, I've watched so damn many tutorials and read so many threads on this but I can't seem to work it out. I barely know a few basic commands in the console, and the alphabet soup of different directories, programs, and the very language that's used to discuss Linux is too much for me to process. I've learned a lot, but I need some help.

I've built a pretty nice server that's not doing much right now besides NAS storage. I'm running a TrueNAS scale VM on Proxmox, I'm filling it up with all my pirate booty, and I want to watch it through Jellyfin, which I have installed to an LXC container (unprivileged for security, tried it both ways and I can't get it). The problem is, how do I get jelly to see the NAS drive? I don't know how to map it one way or another. I'm running the storage through an HBA in ZFS mirror with an SMB data set that I can see just fine and access in Windows, but jelly seems to just be stuck in it's own little world.

I've seen things about creating users within jelly, which I tried, and it just tells me that the user I supposedly created with SMB credentials doesn't exist. Tried using the GUI to find the NAS via IP, no dice. I'm fucking tired, I've been at it for a week or so now, I just want to watch a movie this weekend.

  • YearOfTheCommieDesktop [they/them]
    ·
    edit-2
    11 months ago

    Noooo

    hmm. shit.

    well first off, it sounds like there are some issues that can prevent multiple clients from mounting the same share but I havent found a lot of specifics...

    any chance you could check first: is your SMB share set to use ACLs for permissions? I think this would be the Enable ACLs checkbox under advanced options on the smb share. it doesnt necessarily need to be but it chnges how permissions are done

    Then ideally you'd check the logs to see what error the server side is spitting out when it fails. So, get the windows computer ready to try connecting to the share, then run tail -f /var/log/samba4/log.smbd, then try connecting and see what that tail spits out. then Ctrl-C to quit out of the tail.

    could do the same thing for the lxc but if it's not starting maybe best to stick to one problem at a time to start with

    • tactical_trans_karen [she/her, comrade/them]
      hexagon
      ·
      11 months ago

      Okay, so here's what I did. I cleared the ACL on the SMB share, then unchecked the enable ACL box. The LXC finally started again, still don't know what was going on there. I worked and was able to access the NAS just fine and stream things. But once I turned off the ACL it doesn't have access anymore. The tail command gave me this:

      ../../lib/util/access.c:372(allow_access) Denied connection from

      While that was running I tried to log in to the drive through windows, which is still seeing the NAS, but when I type in the password it doesn't even register as an attempt on the log now. Previously my attempts to log on showed up under alerts, now nothing and the connection attempts are non stop from the LXC....

      Update even before I post: I was able to manually enter in the PVE IP as an "allowed" host under the SMB share and now Jellyfin can do its thing. I tried to access the share drive on my phone and it couldn't get on, so I added my phone's IP to the list and it works again. But when I add my main PC's IP to the list it still won't allow access. So it's clearly a setting on my PC now - the tails command still isn't registering any attempt from my PC. I feel like this should only be a temporary fix.

      • YearOfTheCommieDesktop [they/them]
        ·
        edit-2
        11 months ago

        Huh interesting. Well I'm glad it's kinda working at least...

        On the windows PC, are you relying on it to autodetect the share and pop up under "Network" or whatever they call it these days? And if so is it just not appearing or is it appearing but not able to open?

        Or are you manually connecting using the IP and stuff like on linux? It seems like it could make a difference. To manually try opening it you could use the run shortcut, Windows Key+R and then type in the share IP/name like this (backslashes because windows has to be different): \\192.168.x.xxx\Media

        If there's still no connection attempt even registered in the logs when trying that then maybe it's a firewall issue? I don't know how your network is setup or how proxmox handles that sort of thing but that's what I would suspect

        and yeah IP whitelisting is fine if your IPs don't change but unless you've configured static addresses for those devices they eventually will, probably

        • tactical_trans_karen [she/her, comrade/them]
          hexagon
          ·
          11 months ago

          Okay, so I tried a manual connect, it asked for user and password and denied me - it didn't register as an attempt. "TrueNAS" shows up as a network file in windows explorer, when I try to connect it asks for credentials as well, no dice and no blip on the NAS. I'll plink around with my firewall settings and see if I can find something.

          For static IPs, that will come next.

          • YearOfTheCommieDesktop [they/them]
            ·
            11 months ago

            there's one thing you could try but if there's nothing in the logs idk...

            you could try appending a backslash to the user to indicate it's a user on the NAS side not a local user. i.e. for the username put 192.168.x.xxx\ or possibly .\

            https://superuser.com/questions/1616928/windows-10-sends-wrong-user-to-smb-share I would think it would show in the logs though. could be something on the windows side blocking you. Was there any detailed error message on the windows side when you try the connect?

            • tactical_trans_karen [she/her, comrade/them]
              hexagon
              ·
              11 months ago

              Okay, no dice and no registry of any hits on the NAS for adding slashes. I fiddled around with some credential settings in TrueNAS because one of the error messages said this:

              Show

              So I noticed it said 'multiple users with same credentials' so I made a new user for my phone specifically and switched my phone's login to that user, it works fine. I tried my user from my desktop and nothing still. I just tells me I might not have permissions and prompts for a password. For a brief second I was able to log in as root from windows and I saw the media drive, but when I clicked on the folder it prompted me for credentials again and I can't log back in as root again...

              I'm not sure the link you shared is it, I'll poke around with it though.

              • YearOfTheCommieDesktop [they/them]
                ·
                edit-2
                11 months ago

                https://dougrathbone.com/blog/2018/04/02/fixing-broken-samba-sharing-after-installing-the-latest-version-of-windows-10

                or

                https://tech.nicolonsky.ch/windows-10-1709-cannot-access-smb2-share-guest-access/

                might be relevant. the 2nd one makes more sense to me, since maybe the IP-whitelisting causes it to count as a "guest" login?

                Edit: Honestly not convinced either of those are it. running on almsot no sleep today

                • tactical_trans_karen [she/her, comrade/them]
                  hexagon
                  ·
                  11 months ago

                  Please don't stay up on my account!!! It's fixed!! Somehow... no idea how honestly. But I had a scare with my VPN settings stopping all traffic on firefox for a minute, couldn't figure out what the deal was so I did a restore to yesterday. Now everything works!

              • YearOfTheCommieDesktop [they/them]
                ·
                edit-2
                11 months ago

                on further thought, maybe this latest error is a legit permissions issue on the server. does that new user that generated this message work from other devices?

                digging into the windows-compatible ACL settings is not my forte if it is that

                • tactical_trans_karen [she/her, comrade/them]
                  hexagon
                  ·
                  11 months ago

                  Testing things, yep, everything is working and I'm able to load new video files onto the NAS at ~1.7 Gb/s using my 2.5Gb/s connection; Jellyfin is working fine, I can access things from my phone or PC. We are good to gooooo! Thank you so very much for all your help, you really didn't have to go through all this. <3

                  • YearOfTheCommieDesktop [they/them]
                    ·
                    11 months ago

                    damn I'm a little jealous of that 2.5Gb/s lol. I never bothered with anything past GbE

                    I used to have fiber but new place is dogshit cable

                    • tactical_trans_karen [she/her, comrade/them]
                      hexagon
                      ·
                      11 months ago

                      Yeah, it's pretty nice. I built a new rig because I was still on a 4th gen Intel and a GTX 960, and I wired up my home with cat6 on the cheap. My new MB has 2.5 built in so I bought a cheap PCIe 2.5gb card for the server and it rips. It comes in handy for loading a whole season of a tv show onto the server, but everything else in my network has gigabit.