First of all, I'm still learning Unix basics :) so sorry in advance. I created a ZFS pool on my home server with Proxmox as "root". After that I created a Linux Mint virtual machine (with "superuser" as the account name), passed through the SAS controller and mounted the ZFS pool in it. Now I would like to create and modify folders with a GUI (Dolphin, Deepin file manager, etc.) but I can only view files on it. I tried this tutorial on YouTube, but in Dolphin I still cannot create new folders or move files on it. Could someone guide me on how to give my "superuser" all permissions to the pool? How should it be done if I would like to add family users, e.g. "kid1" and "kid2", who will have their own folders on it, and how do I block certain folders of mine from being viewed by them?
1 Answer
I don't have a good answer for you, other than I have been looking for the exact same thing for about 6 hours today and there is no good way to do it except for using LDAP to manage users across your Proxmox node.
My search led me to rpc.idmapd and idmapd.conf which at first sounds great...just specify which user on your Linux Mint machine corresponds with the user on Proxmox, and they will match up! Wrrrronggggg. I think this serverfault answer was the most eye-opening for me today. What you and I want to do simply requires LDAP or Kerberos.
I learned this first-hand by creating a throwaway "media" user on Proxmox (named cr4dl), who would then own the share at its source:
root@cr4dl:/# useradd -M media
root@crfdl:/# chown -R media:media /tank/media
And on my client machine (akin to your Linux Mint), I added the following to /etc/idmapd.conf per this answer, so that my plex user would have permissions to access the media:
[Translation]
Method=static
[Static]
media@cr4dl = plex
Mounted the share on my client and discovered who the real owner had become:
user@maeve:~$ sudo mkdir /mnt/media
### client's /etc/fstab ###
cr4dl:/tank/media /mnt/media nfs rw,auto 0 0
###
user@maeve:~$ sudo mount -a
user@maeve:~$ ls -l /mnt
total 1
drwxrwxr-x 2 ansible ansible 4 Apr 3 21:02 media
Owned by ansible!? Well, on Proxmox the user media is uid=1001, and on the client uid 1001 was my ansible user, not plex (who is 997).
I may not understand it, but at least I see what that guy was talking about with idmapd actually using uid/gid instead of names like it purports it does.
- 1
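The uid mismatch described in this answer can be predicted before mounting by comparing the numeric uids on the server and the client. This is an added example, not part of the original answer: it assumes the share is accessed by numeric uid as the answer observed, the passwd excerpts are constructed from the uids the answer reports, and the function names are hypothetical.

```python
# Constructed passwd(5) excerpts: "media" is uid 1001 on the server (cr4dl),
# while the client (maeve) has ansible=1001 and plex=997, as in the answer.
SERVER_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
media:x:1001:1001::/home/media:/bin/sh
"""
CLIENT_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
plex:x:997:997::/var/lib/plex:/usr/sbin/nologin
ansible:x:1001:1001::/home/ansible:/bin/bash
"""

def parse_passwd(text):
    """Return {name: uid}, skipping blank, comment and malformed lines."""
    users = {}
    for line in text.splitlines():
        fields = line.strip().split(":")
        if line.lstrip().startswith("#") or len(fields) < 7:
            continue
        if fields[2].isdigit():
            users[fields[0]] = int(fields[2])
    return users

def client_view(server, client):
    """Map each server account to the name the client resolves for its uid."""
    by_uid = {}
    for name, uid in client.items():
        by_uid.setdefault(uid, name)  # first entry wins, as getpwuid() does
    # None means the client has no account for that uid (ls shows the number).
    return {name: by_uid.get(uid) for name, uid in server.items()}

def mismatches(server, client, expected=None):
    """Return (server_name, uid, seen_as, wanted) for every wrong mapping.

    expected maps a server account to the client account meant to own its
    files; accounts not listed are expected to keep the same name.
    """
    expected = expected or {}
    seen = client_view(server, client)
    return [(name, uid, seen[name], expected.get(name, name))
            for name, uid in server.items()
            if seen[name] != expected.get(name, name)]

if __name__ == "__main__":
    srv, cli = parse_passwd(SERVER_PASSWD), parse_passwd(CLIENT_PASSWD)
    for name, uid, seen_as, wanted in mismatches(srv, cli, {"media": "plex"}):
        print(f"server {name} (uid {uid}) appears as {seen_as}, wanted {wanted}")
```

To check real machines, replace the two constructed strings with the contents of each host's /etc/passwd.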