Scharbag
Guru
- Joined
- Feb 1, 2012
- Messages
- 620
In order for your plugin to be able to write to your data datasets/folders it must have..
- access to your data dataset/folders
- permissions to write to your data folders.
1) MAKING DATA ACCESSIBLE TO YOUR PLUGIN'S JAIL
- It is preferred that your data reside on a dataset(s) outside of your jail that you regularly snapshot and backup.
- FreeNAS plugins, by default, have no access to files residing outside of its jail.
2) PERMISSIONS
- Data datasets/folders should be mounted into the plugin's jail as described in the FreeNAS User Guide.
Choose one of the 4 solutions to give your plugin write permission to your data folders.
FACTS
- Every folder/file has a UNIX permission level, UID ownership, and GID ownership, which determines which user/group members can read/write to that folder/file. Basic UNIX permissions are described in the opening part of Chapter 4, Part 4, of the FreeBSD handbook.
- Jails and the FreeNAS host do not share user/group databases. They only associate UIDs/GIDs to users/groups if that mapping exists in it's particular user/group database.
- Processes running inside a jail's userland (plugins) are permitted to read/write files/folders according to the jail's user/group database.
SOLUTION 1 - USER WRITEABLE
- By default, most plugins run as a specific user, with a specific UID, and keep their configuration/databases/logs in what I will refer to as a data-directory.
- SERVICE - USER (UID) - DATA-DIRECTORY
- transmission - transmission (921) - /var/db/transmission
- sabnzbd - media (816) - /var/db/sabnzbd
- sickbeard - media (816) - /var/db/sickbeard
- sickrage - media (816) - /var/db/sickrage
- sonarr - media (816) - /var/db/sonarr
- couchpotato - media (816) - /var/db/couchpotato
- headphones - media (816) - /var/db/headphones
- mylar - media (816) - /var/db/mylar
- xdm - media (816) - /var/db/xdm
- maraschino - media (816) - /var/db/maraschino
- htpc-manager - media (816) - /var/db/htpc-manager
- plexmediaserver - plex (972) - /var/db/plexdata
- emby-server - emby (983) - /var/db/emby-server
- subsonic - media (816) - /var/db/subsonic
- btsync - btsync (817) - /var/db/btsync
- syncthing - syncthing (983) - /var/db/syncthing
SOLUTION 2 - USER WRITEABLE
- Add a user in the FreeNAS WebUI with a matching UID as the plugin's default user.
- Change ownership of the data dataset/folders to the newly added user.
SOLUTION 3 - GROUP WRITEABLE
- In the jail, add a user with a matching UID as the owner of the data dataset/folders.
Code:pw useradd -n USER -u UID -d /nonexistent -s /usr/sbin/nologin- In the jail, change the user the plugin runs as, and change ownership of the data-directory.
Code:service PLUGIN onestop chown -R USER:GROUP /var/db/PLUGIN sysrc 'PLUGIN_user=USER' service PLUGIN start
SOLUTION 4 - OTHER WRITEABLE
- Change permission of the data dataset/folders to allow group writing.
- In the jail, add a group with a matching GID as the group owner of the data dataset/folders.
Code:pw groupadd -n GROUP -g GID- In the jail, add the user the plugin runs as to the newly added group.
Code:pw groupmod GROUP -m USER
- Change permission of the data dataset/folder to allow other writing.
Option 5 - Change the UID of the user that is running the service? That worked for me :)