New NAS. Installation-Shares-Permissions

Sky12016 · January 7, 2018, 11:13pm

Hello to the community.

I am about to build my first home server using Rockstor and I have a few questions.

First a small intro:
I am planning to install and run Rockstor off USB and use a raid1 pool for file storage, media server etc. The clients will be mainly windows and linux so SMB will be preferred.
So far I have been doing a lot of reading and bookmarking on installation, configuration, user permissions and hardware selection.
My data drives (hdd sata3) are already configured as windows software mirrors.

The plan:
After backing up my data; I am going to break the mirror, take one of the disks, wipe it using dban and then connect it to my Rockstor server.
Then I will connect the other mirrored drive via USB and try to copy the data from NTFS to BTRFS using linux command line. Doing the same over smb network for about 3TB of data I have a feeling it won’t be easy.
Hopefully I will then be able to create a raid1 pool connecting my second drive (wiping it also) while preserving all the copied data.

1st question
Will I be able to add the second disk and create the raid1 without losing the data on first disk?

2nd puzzle
I want my hard drive (pool) to have a number of folders like movies, shows, docs etc which will all be managed (read/write permissions) from windows client(s).
What is the best and recommended way to create those folders in order to copy my data on them via command line?
Should I create a share for every folder using Rockstor webUI?
Should I create the folders using command line?
Should I create the folders from windows file explorer after having first configured a samba share that will host them all?

3rd question
I have two identical USB flash drives. I was thinking of mirroring on them (mdraid) the rockstor installation. Is this doable?

4th question
When creating/changing files on the server using windows clients are permissions being overwritten? I am basically asking this because I want all windows-created files/folders to retain the parent folder permissions that I will assign when I create the share.

Sorry for the long post and thanks in advance for any help.

Carl_Banks · January 8, 2018, 4:53am

Why do you want to dban wipe the drives before adding to a BTRFS pool? I don’t think this is necessary.

1st question, yes. Although it won’t be ‘raid1’ until you add the second disk to the ‘pool’ by resizing it and modifying the raid level.

2nd, I use one ‘share’ using the SAMBA service so I can have one network mapped drive. I organised files from different computers using windows explorer to create a new folder structure. The only time I used the command line was to rsync some folders from a Linux system.

3rd, I didn’t pay that much attention to the installer when configuring my system disk. You could add the second usb drive to the system btrfs pool. Not sure how to properly configure it for booting if the boot area of the first isn’t available.

4th, file level permissions can get complicated real fast and cause headaches. Share level permissions are much easier IMHO.

Hope that helps some.

Sky12016 · January 8, 2018, 10:22am

Hi and thanks for the reply,

Well, as for the dban wipe and the usb boot mirror; they are both listed processes in the official documentation so I will try them and see how it goes.

As for the shares; I want to map different network shares in windows so the folders must be discoverable and viewable. The folder structure you create using windows is it properly recognised in Rockstor (centos/linux)? Because I want to select the folders from command line in order to copy my data over from NTFS mount.

When you say “share level” permissions I am assuming you are referring to Rockstor webUI share configuration right? And once you set those; all the folders/files you create from windows adhere to these permissions?

Carl_Banks · January 8, 2018, 4:35pm

Only have a quick min.

Re disk wiping:

All partition or whole disk wiping is accomplished from the Disk Role Configuration screen and only an active selection can be wiped. If a partition or whole disk entry is not active, first select it and Submit this selection, this will change the “active” selection. Note that changing the “active” selection of a device can cause data loss so please consider this action carefully and read the configuration page warnings before proceeding. In the case of btrfs in partition some safeguards are in place and appropriate warning messages will indicate their presence: consequently there are restrictions on what can be done and in what order, especially in the case of an existing btrfs partition.

Sky12016 · January 8, 2018, 8:37pm

Yes I have been through that. However this does not cover NTFS partitions which is my case.

How about the rest of the issues I asked you about?

phillxnet · January 8, 2018, 8:45pm

@Carl_Banks Hello again.

It’s sometimes funny seeing ones words quoted verbatim. Although in this case there was no quote or reference. I’ll pop it in here for context:

Currently 3rd paragraph under subsection Wiping a Partition or Whole Disk within the Disks section of the Docs.

I think what @Sky12016 was referencing re DBAN was from the Pre-Install Best Practice (PBP) howto: subsection Wiping Disks (DBAN):

“A popular tool to securely erase HDDs prior to their deployment or disposal is Darils Boot and Nuke. This tools essentially writes to every part of a disks surface and in the process exercises the drive across it’s entire working area. This like the Memory Test (memtest86+) will stress the system; in this case the drives selected for wiping. The purpose here is to first remove all data on the existing drives and second to test that the drive is able to write to all it’s available sectors, it is often the case that a drive is unaware of an issue with itself, via the built in SMART system, until it attempts to write to a faulty sector. In fact this can trigger a drives build in ability to allocate spare sectors reserved for this very purpose.”

@Sky12016 Welcome to the Rockstor community.

I would avoid using the current method for mdraid for system disk as it does entail quite a lot of hoop jumping. @Carl_Banks this is how we addressed your keen point on redundancy in booting media given btrfs is not well served that way, or in fact at all in our re-badged CentOS/RedHat anaconda installer. Forum member @HBDK recently debugged and prove the method, see the following forum thread:

and their consequent pull request on our rockstor-doc repo:

https://github.com/rockstor/rockstor-doc/pull/178

Also note that the USB bus is not well regarded reliability wise so it might be easier to just start out with a single USB device and make sure you store no data on it, ie keep all data on you data disks. And on the point of USB devices that are appropriate, Rockstor is essentially a CentOS install with a NAS app pre-installed plus some scripts. As such it is not light weight and so you will want to use a fairly fast USB key such as the Sandisk Extreme USB 3.0 or the like and to make sure that it has wear levelling. A regular cheap key will not cut it and you may experience time outs and failed services, aside form a really slow experience. We have had many forum members not look back once they moved to a more capable system device that that offered by ‘regular’ USB keys, ie regular small hdd or ssd/msata etc.

Also as @Carl_Banks exclamation indicates, pre DBANing is a more extreme measure but well founded never-the-less. Note that it will take ages (many hours per drive) and may just be over the top in a home scenario. Plus the indicated wipe mechanism within Rockstor’s Web-UI is instant, but will only wipe the relevant fs / partition signatures / info: hence the security indicators in the DBAN paragraph above.

OK, bit of post time overlap and I see you have just posted the following:

If you select whole disk (default and recommended) when using the build in wipe it should work as intended. Under the hood it simple executes a “wipefs -a devname”:

github.com

rockstor/rockstor-core/blob/master/src/rockstor/system/osi.py#L819-L827


      
              elif re.match("DHCP4.OPTION.*:domain_name_servers = .+", l) is not None:
                  config["dns_servers"] = l.split("= ")[1]
              elif re.match("DHCP4.OPTION.*:subnet_mask = .+", l) is not None:
                  config["netmask"] = l.split("= ")[1]
              elif re.match("IP4.GATEWAY:.+", l) is not None:
                  config["gateway"] = l.split(":")[1]
          
          
elif config["method"] == "manual":
              # manual

Hope that helps.

Carl_Banks · January 8, 2018, 9:10pm

@phillxnet I just did a quick copy/past from your guide that I remembered from reviewing for my own install as I only had a moment before heading out. Still learning Discourse as well

I never got to http://rockstor.com/docs/pre-install-howto/pre-install-howto.html#pre-install as I jumped right in after reading the first five links in the ToC. I wonder how many people find pre-install under how-tos if they assume like I did the first four ToC links are all that is needed.

PP Edit:
Sorry @Sky12016, your permissions question still hasn’t been answered. I’ll leave the answers to someone who can explain it better than I.

Sky12016 · January 8, 2018, 10:35pm

Hello @phillxnet and thanks for your input.

Yes the dban method is the one you mentioned. But if you say that my NTFS drive (connected to motherboard’s sata port) will automatically be recognised in Rockstor webui so that I will be able to wipe it from there prior to inserting it in a pool; then great! I will do just that. I was under the impression that it had to be mounted for it to be listed in the webui.

With regard to the installation I will follow your advice and invest in a small ssd for booting and not setting any mdraid.

Hey @Carl_Banks. Apart from permissions; the file creation and folder structure on rockstor filesystem under windows works well for you? And I mean that you don’t get any weird denial of access whatsoever?

Regards.

phillxnet · January 8, 2018, 10:54pm

@Carl_Banks

So not sure whats happened there then as it is the first link in the first line of the second entry in the “Table of contents” (well within your your ‘first four’ ) it’s the Quick start section whose intro sentence is:

“Please take note of the information in our Pre-Install Best Practice (PBP) guide, though not strictly required it may help in avoiding problems encountered during install.”

and the next section is the Minimum system requirements.

Maybe you are viewing the docs from somewhere other than their home site which is at: http://rockstor.com/docs/

Thanks for the feedback though and we do definitely have work to do on the docs, especially from a consistency point of view. I intend to put some more time in that direction when other commitments allow.

Carl_Banks · January 8, 2018, 11:50pm

When I work files (create / move) from windows over SAMBA there are no permission issues.

When I use cli from within Linux and I create files or move files as a user that doesn’t have the same group permissions as the SAMBA server/user I get read and or write permission issues.

I was focusing on the top left ToC
I spent more time on the Installation Page than the Quick Start and must have spead read / clicked right past the link you mentioned.

Also, I think when I first visited this area of the site I clicked direct to the Minimum Requirements under quick start. With the # tag it loads that page just under the pre-install note. lol the small things…
http://rockstor.com/docs/quickstart.html#minimum-system-requirements