# keeping distfiles on remote cifs share (permissions hell)

## ^marcs

Hello,

I want to keep distfiles on samba remote share, but i want to keep it a bit secure, so i dont want to make that share accessible and RW for all.

What i did so far.

Created user "storage" on samba server, made "distfiles" dir in his home directory and shared it only for him and root

```
[distfiles]

comment=Distfiles directory

path = /home/storage/distfiles

read only = no

valid users = storage root
```

Now when I want to upload some files from my local distfiles to remote share, i get an error saying that owner cannot be changed (local 

distfiles are owned by "portage" user) and then all files that lands on server have their ownership changed to "storage". My guess its because "storage" user can't chown files to "portage" user, not sure tho.

So, i mounted it again as root user, then everything went fine, ownership is preserved and everyting is cool - almost...when i emerge something on client and distfile is being downloaded from gentoo mirror i get an error saying it cannot write to distfiles dir .... goooooooosh

```
>>> Emerging (1 of 5) perl-core/Term-ANSIColor-3.20.0

 * Fetching files in the background. To view fetch progress, run

 * `tail -f /var/log/emerge-fetch.log` in another terminal.

bash: /var/portage/distfiles/.__portage_test_write__:Permission denied

>>> Downloading 'gentoo.prz.rzeszow.pl/distfiles/Term-ANSIColor-3.02.tar.gz'

/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied

>>> Downloading 'http://www.cpan.org/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'

/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Brak dostępu

>>> Downloading 'http://search.cpan.org/CPAN/authors/id/R/RR/RRA/Term-ANSIColor-3.02.tar.gz'

/var/portage/distfiles/Term-ANSIColor-3.02.tar.gz: Permission denied

!!! Couldn't download 'Term-ANSIColor-3.02.tar.gz'. Aborting.

 * Fetch failed for 'perl-core/Term-ANSIColor-3.20.0', Log file:

 *  '/var/tmp/portage/perl-core/Term-ANSIColor-3.20.0/temp/build.log'
```

Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.

I hope someone get anything from what i said here.

It drives me crazy so any explanation or tips are welcomed.

----------

## cwr

Portage uses lockfiles in /usr/portage/distfiles/.locks, or used to - I haven't checked recently.

It therefore needs write access to the distfiles directory.  I edited /usr/lib/portage/pym/portage.py

and added a PORT_LOCKDIR variable set in make.conf,  which moved the lock to /var/lock/portage,

but all that stuff now seems to be in locks.py

You may have to do something like that, but check a current version of portage first.

Will

----------

## ^marcs

Thanks for reply, but i don't like this solution,  it should be doable another way, just by setting right perms.

Problem is there is thousand places where it can be set.

----------

## keenblade

^marcs, have you found a solution?

I have filed a bug report at b.g.o for very similar problem. Probably the same.

 *Quote:*   

> 
> 
> Again im guessing, thats bcos he it fetching on local "portage" user permissions, and he cant write into remote share.
> 
> 

 

You are right. Since udisks2 is getting rid of /media and instead now using /run/media/$USERNAME/$DEVICE, portage can't write to remote or external storage. Now I can't emerge any package.  

I have an usb disk for distfiles. Since this disk mounted as my user, it seems portage can't write to it for some permission problem. The problem is portage already has the necessary permissions but fails to operate write actions, since the disk  mounted for my regular user.

----------

## Jaglover

If you like challenge CIFS may be the way, but I'd just fire up NFS server for portage on your Samba box.

----------

## John R. Graham

I'm with Jaglover. Also, since CIFS doesn't support the same permissions model as the typical *nix filesystem, it's not going to work perfectly. I use a central NFS share for /usr/portage/distfiles and it works remarkably well. I sync a local copy of the rest of /usr/portage to most machines so that Portage will work when offline, but, I've shared it before as well.

- John

----------

## Jaglover

I'm currently having the whole portage along with distfiles in an NFS share and everything works great, I created user and group gentoo:gentoo in the remote box and mapped it to remote root access.

Regarding using different protocols sharing the same directory it works just fine. Once I had a directory shared over Samba, AFP, NFS and HTTP same time and all worked great.

----------

## ^marcs

 *Quote:*   

> ^marcs, have you found a solution? 

 

Nope, I did too switched to NFS - and it's working just fine  :Surprised: 

----------

