C
corey
Guest
Hi all,
I'm sure a few of you would recognize my voice, but probably not my name. I thought I would post up here with something I found out.
In the process of creating the FreeNAS Plugins Configuration video, I’ve discovered an unforeseen bug in FreeNAS that causes funny problems with permissions. Specifically, volumes that have a mountpoint in the jail can be affected by this glitch. I’ve notified the development team, but I don’t know when a permanent fix is coming. For the time being, I found this to be a functional workaround for Transmission and probably also miniDLNA.
The underlying problem seems to be that the daemons running Transmission and miniDLNA will pick a GID that doesn’t exist in the base system, and only exists in the jail, and the workaround is to create a group in the base system with the same GID, and then use chflags to keep the dataset’s permissions from changing again.
From a completely fresh install on bare metal, these were our steps to get transmission to work.
I hope this will help someone looking! I've also noticed posts about the umask in the Transmission JSON settings, and that may also be worth looking into. I was using 8.2P1 for this.
I'm sure a few of you would recognize my voice, but probably not my name. I thought I would post up here with something I found out.
In the process of creating the FreeNAS Plugins Configuration video, I’ve discovered an unforeseen bug in FreeNAS that causes funny problems with permissions. Specifically, volumes that have a mountpoint in the jail can be affected by this glitch. I’ve notified the development team, but I don’t know when a permanent fix is coming. For the time being, I found this to be a functional workaround for Transmission and probably also miniDLNA.
The underlying problem seems to be that the daemons running Transmission and miniDLNA will pick a GID that doesn’t exist in the base system, and only exists in the jail, and the workaround is to create a group in the base system with the same GID, and then use chflags to keep the dataset’s permissions from changing again.
From a completely fresh install on bare metal, these were our steps to get transmission to work.
I hope this will help someone looking! I've also noticed posts about the umask in the Transmission JSON settings, and that may also be worth looking into. I was using 8.2P1 for this.
Code:
1. Change administrator password 2. Create ZFS mirror from two 3.0TB disks 3. Extend volume with mirrored array of remaining two 3.0TB disks 4. Create a ZFS dataset to put the plugins jail in (called Jail, no options) 5. Create a parallel dataset, called ‘plugins’ for plugins archive (no options) 6. Create a third parallel dataset, called ‘transmission’ for the downloads (no options) 7. Create a new user, (mine was username 'corey'), set a password, aux group ‘nobody’ 8. Add CIFS share named ‘transmission’, sharing dataset ‘transmission’ (no options - make sure it’s using Unix ACLs) 9. Set guest user to 'corey' 10. Enable CIFS service 11. Configure plugins a. Jail path to jail dataset b. name jail c. set unused IP on network d. /16 netmask e. plugins path to plugins dataset 12. Turn plugins service on 13. Change permissions on 'transmission', owner corey, group 'nobody', 755 permissions, recursive 14. Connect to the share on PCBSD and create 'Downloads' (watch is Downloads) directory under 'transmission' (This will also test to see if permissions are working correctly) 15. Create an empty file - ‘transmission.log’ - in the 'transmission' share 16. Install the transmission PBI 17. Add mount point, source 'transmission' (dataset), destination '/usr/pbi/transmission-amd64/etc/transmission/home' (this already has preset folders for data) 18. jexec into jail a. Use command vipw to find GID of transmission 19. Make new group in base system with same GID 20. Add the new transmission group as aux group to user you want to authenticate with 21. Navigate with the tree menu to transmission settings a. Browse for log file, enable rpc authenticaion, user ‘corey’, set password b. File defaults are already set and match mount point 22. Turn on transmission 23. Change dataset permissions back to 755 corey:nobody (in case they were reset, as mine were) 24. Connect in the browser to jailip:9091, user and password 25. On PCBSD, drop a torrent file into the watch directory. It should change the extension to .added, and you should see it start in the transmission webGUI 26. In FreeNAS, verify one last time that the permissions are still correct, and then in the webshell, run the command ‘# chflags schg /path/to/directory’ to lock the permissions and prevent further changes.