Permission Denied, while creating node with clean install of Truenas Scale 24.04

Hi, wonder if anyone can help. Just migrated to Truenas Scale, wanting to take advantage of containerised StorJ to operate a node - wasnt expecting to have so many issues given the official guide here to follow.

Following initial config as per guide, and the deploying message, activity stops. Looking at the setup log I have the following.

2024-05-20 11:50:54.743882+01:00Running ./storagenode setup  --config-dir config --identity-dir identity --metrics.interval=30m --version.server-address= --console.address=:14002 --storage.allocated-disk-space=8192GB --operator.wallet=0x2b 
2024-05-20 11:50:54.765691+01:002024-05-20T10:50:54Z	INFO	Anonymized tracing enabled	{"Process": "storagenode"}
2024-05-20 11:50:54.770113+01:00Error: open /app/config/config.yaml2250091597: permission denied

Datasets are all at defaults, with root user and group following the guide to the letter. Uninstalled everything and tried twice now with the same result.

Feels like I have read the entire internet in the last few days, but nothing so far :slight_smile:

What have I missed here - anything I can try? Are these guides out of date?


Do I have to amend the permissions on my created dataset to allow the StorJ app user:group?

Things I have tried:
Clean reinstall
Dropped/recreated datasets - with inherited ACLs and with POSIX
No access to cmd line inside container as its not completing.
Reading the guide 21 times

Im a bit blind here with next steps to diagnose:

Hello @Climbingkid,
Welcome to the forum!

You do not need to drop/clean anything. It’s clearly a permissions issue, so you just need to adjust them.
Since you migrated the node, the permissions were not applied correctly by the app (it do so only on clean setups, not migrated), so you need to figure out, with what user and group your NAS running the load.
I guess it should be apps user. So, I would suggest to change permissions to match it.
For example on my instance it’s apps:apps:

admin@truenas[~]$ ls -l /mnt/data/ix-applications/releases/storj/volumes                     
total 1
drwxr-xr-x 4 root root 4 Apr 30  2023 ix_volumes
admin@truenas[~]$ ls -l /mnt/data/ix-applications/releases/storj/volumes/ix_volumes 
total 17
drwxr-xr-x 5 apps apps 8 May  9 19:33 ix_data
drwxr-xr-x 2 apps apps 8 May  1  2023 ix_identity
admin@truenas[~]$ ls -l /mnt/data/ix-applications/releases/storj/volumes/ix_volumes/ix_data 
total 27
-rw------- 1 apps apps 10392 May  1  2023 config.yaml
drwx------ 4 apps apps     4 May  1  2023 orders
drwxr-xr-x 2 apps apps     2 May  9 19:33 retain
-rw------- 1 apps apps 32768 May  9 19:33 revocations.db
drwx------ 6 apps apps    55 May 20 23:28 storage
-rw------- 1 apps apps   933 May  9 19:33 trust-cache.json
admin@truenas[~]$ ls -l /mnt/data/ix-applications/releases/storj/volumes/ix_volumes/ix_identity 
total 27
-rw-r--r-- 1 apps apps  558 May  1  2023 ca.1682930897.cert
-rw-r--r-- 1 apps apps 1092 May  1  2023 ca.cert
-rw------- 1 apps apps  241 May  1  2023 ca.key
-rw-r--r-- 1 apps apps 1096 May  1  2023 identity.1682930897.cert
-rw-r--r-- 1 apps apps 1630 May  1  2023 identity.cert
-rw------- 1 apps apps  241 May  1  2023 identity.key
  1. Stop the application (do not remove it, it may delete your data altogether)
  2. Login to a terminal
  3. Change the owner for the data and identity locations:
sudo chown apps:apps -R /mnt/<dataset name>/path/to/data
sudo chown apps:apps -R /mnt/<dataset name>/path/to/identity
  1. Start the app and check logs
1 Like

Sweet! Worked flawlessly. I think there needs to be a refresh of the official Truenas Scale guide to include this - as my pool was freshly created, none of these permissions, if required, are present by default and needed adding.

Many thanks, on my way to the next steps, much appreciated Alexey


For freshy added yes, it’s not needed. But you migrated your data from another device and the owner was wrong.

Hi - not quite. I migrated my data off, rebuilt the pool from scratch, restored each dataset into the new pool - so the root pool permissions are were the defaults. In fact I did it twice (its complicated, apparently root pool should no longer be encrypted) both times had teh same outcome.


However, they weren’t apps:apps at the end, right?