SMB/CIFS external storage access does not update

Nextcloud version: 21.0.3
Operating system and version: Debian 10 (buster)
nginx version: nginx/1.14.2
PHP version: 7.3

We are using Nextcloud as a kind of front-end for our samba shares, which, for the most part, works quite well. Basically, we have the LDAP/AD integration app installed, which lets users authenticate against the AD provided by our samba instance. Then, shares are mounted as external storages, through SMB/CIFS globally. What a given user can see is controlled by ACLs managed in Windows.

Nextcloud seems to handle this quite well, it shows only the files that a user has permissions to see and in general behaves almost perfectly.

There is just the slight problem of changes in permissions and the like.

  • For example, I noticed that when a user is granted permission to a new directory somewhere in the samba share, the change is not immediately visible in Nextcloud. I have since found a solution to this by reading the documentation. Now I run files_external:notify in the background constantly (as a systemd service) and it seems to be working.

  • The new problem I am facing is what happens when a user is granted additional permissions (or has lost permissions) due to a change in the groups they are in. files_external:notify does not pick up this change, since no file permissions or contents change. It is merely that a user is now a member of a group it previously was not. It seems that Nextcloud only picks up the change after I do a complete file scan for the user (ie file:scan myuser).

  • What is funny is that it seems that directories in the root of the shares immediately show up and disappear in Nextcloud as I add/remove the user from the group that has permissions for the directory. However, this does not happen already in a subdirectory only one level down from the root. Only file:scan helps.

I do not really want to execute a file:scan --all via cron every so often, since these external storages are quite huge and each scan takes forever. Isn’t there another way to make Nextcloud realize new directories / files are accessible since the group membership change?

Thanks in advance.

I hate to ask since I’m not able to answer your question, but would you be willing to share your systemd configuration for files_external:notify? I imagine there might be a gotchya or two with how permissions (sudo) are handled, the fact it has to be run as www-data, etc.

You would really think by this point there would just be a checkbox next to where you configure the share mount that handles this automatically…

salve ragazzi, AIUTO ho sempre utilizzato Openmediavault per la condivisione locale dei miei file in Windows con il classico protocollo SMB, quindi ho installato Nextcloudpi per accesso da remoto ma alcune cartelle della condivisione SMB risultano vuote. E’ stato facile trovare tutorial per installare e far funzionare il container Nextcloud con Docker e Portainer attraverso Openmediavault, però non è facile trovare aiuto per i problemi! Questo problema delle cartelle vuote l’ho già risolto aggiungendo all’utente SMB i diritti di appartenenza al gruppo www-data ma adesso si ripresenta su una altro server dati e non riesco a risolvere e vorrei un aiuto o un consiglio