[How-To] Giving Plugins Write Permissions to Your Data

Status
Not open for further replies.

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
OK, my next question is why isn't the correct UID not being associated with the user Jails when created? Just like previously, when I edit /etc/group, it returns Jails:*:1003:.

Here's what I get when read the user information from chpass Jails:
Code:
#Changing user information for Jails.                                        
Login: Jails                                                                 
Password: *                                                                  
Uid [#]: 1003                                                                
Gid [# or name]: 1003                                                        
Change [month day year]:                                                     
Expire [month day year]:                                                     
Class:                                                                       
Home directory: /nonexistent                                                 
Shell: /usr/sbin/nologin                                                     
Full Name: User &                                                            
Office Location:                                                             
Office Phone:                                                                
Home Phone:                                                                  
Other information:   
you jail is associating the Jails user to UID 1003 correctly. But your files are still owned by UID 1002. Change the owner of those files if 1003 is what you want to use.
Code:
chown -R Jails /media
 

sdgenxr

Contributor
Joined
Sep 4, 2014
Messages
131
That did it! I greatly appreciate your time and effort in helping with this!

Quick question, what went wrong when I added the user to the jail? Should I add the chown command to the steps for option 2?
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
That did it! I greatly appreciate your time and effort in helping with this!

Quick question, what went wrong when I added the user to the jail? Should I add the chown command to the steps for option 2?
I wrote..
"In the jail, add a user with a matching UID as the owner of the data dataset/folders."
so you just didn't match the owner of the dataset/folders.
 

sdgenxr

Contributor
Joined
Sep 4, 2014
Messages
131
Ok, I think I'm getting it now. Let's say that the owner of the dataset is root, should I have created a new user called root with the correct UID in the jail? Or am I better off using a new user just for access to the files within the jails?
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Ok, I think I'm getting it now. Let's say that the owner of the dataset is root, should I have created a new user called root with the correct UID in the jail? Or am I better off using a new user just for access to the files within the jails?
'root' (UID = 0) would already exist in your jail by default. Don't run services with root if you can avoid it.

Instead either..
  1. run the 'chown -R' command on your files
  2. create a user in FreeNAS (with matching UID) and set ownership of the dataset there.
 

sdgenxr

Contributor
Joined
Sep 4, 2014
Messages
131
If I create a user (Jails) in FreeNAS, would that have any affect on the sharing of those files?
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
If I create a user (Jails) in FreeNAS, would that have any affect on the sharing of those files?
by sharing you mean CIFS/NFS? Yes, CIFS/NFS will eiterh access those files as a specific user, or by default, map to a local user. This user would also need the ability to read/write the files depending on what you want to do.
 

sdgenxr

Contributor
Joined
Sep 4, 2014
Messages
131
Thank you very much for explaining all of this to me!
 

Stevins

Cadet
Joined
Jul 16, 2014
Messages
4
Hey Josh, great thread man. Im pretty new at UNIX as well. Unfortunately Im having a similar issue as sdgenxr. I have read only access to my completed/incompleted folders in the /var/db/sabnzbd/Downloads of my Sabnzbd Jail. I created a user and group named "SABNZBD - User" and assigned the user 816 as the UID for that user. I also gave owner/group/other full control - read/write/execute permissions. Im not sure what else Im doing incorrectly. Any guidance would be greatly appreciated :)
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Hey Josh, great thread man. Im pretty new at UNIX as well. Unfortunately Im having a similar issue as sdgenxr. I have read only access to my completed/incompleted folders in the /var/db/sabnzbd/Downloads of my Sabnzbd Jail. I created a user and group named "SABNZBD - User" and assigned the user 816 as the UID for that user. I also gave owner/group/other full control - read/write/execute permissions. Im not sure what else Im doing incorrectly. Any guidance would be greatly appreciated :)
I'm sorry I don't understand your problem fully.
  • Are there any datasets mounted into your sabnzbd jail?
  • what's having read only access, sabnzbd? some other plugin? some sharing protocol?
  • when you say you gave owner/group/other read/write/exectue, you did that to what a dataset? folder?
 

CraftyClown

Patron
Joined
Apr 5, 2014
Messages
214
Hello Josh,

I'm using method 2, but when I try to chown USER:GROUP I'm getting an illegal group name error

The user I want to set as the plugin owner is Richard:Media

Should I remove Richard from the Media group?


root@mylar_2:/ # pw useradd -n Richard -u 5689 -d /nonexistent -s /usr/sbin/nolo
gin
root@mylar_2:/ # service mylar onestop
Stopping mylar.
Waiting for PIDS: 7918.
root@mylar_2:/ # chown -R Richard:Media /var/db/mylar
chown: Media: illegal group name
root@mylar_2:/ #
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Hello Josh,

I'm using method 2, but when I try to chown USER:GROUP I'm getting an illegal group name error

The user I want to set as the plugin owner is Richard:Media

Should I remove Richard from the Media group?


root@mylar_2:/ # pw useradd -n Richard -u 5689 -d /nonexistent -s /usr/sbin/nolo
gin
root@mylar_2:/ # service mylar onestop
Stopping mylar.
Waiting for PIDS: 7918.
root@mylar_2:/ # chown -R Richard:Media /var/db/mylar
chown: Media: illegal group name
root@mylar_2:/ #
the "Media" group doesn't exist in the jail unless you create it. the jail will have a "media" group (UID 816), is that what you mean?
 

CraftyClown

Patron
Joined
Apr 5, 2014
Messages
214
Ha ha ha, I don't know whether to laugh or cry!

Mylar now seems to have it's permissions sorted, but now my Windows user 'Richard' doesn't have permission to delete files!

This is my ls -l / | grep media for the Mylar jail

root@mylar_2:/ # ls -l / | grep media
drwxrwxr-x+ 59 Richard media 59 Mar 1 12:03 Comics
drwxrwxr-x+ 3 Richard media 13 Mar 4 19:26 Downloads
drwxrwxr-x+ 2 Richard media 2 Mar 4 18:59 Torrents
drwxr-xr-x 2 root wheel 2 Jul 11 2014 media
root@mylar_2:/ #
 

CraftyClown

Patron
Joined
Apr 5, 2014
Messages
214
Urghhh, scratch that. Following a windows reboot I have windows access, however I was mistaken before, Mylar still doesn't have proper permissions :(
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Urghhh, scratch that. Following a windows reboot I have windows access, however I was mistaken before, Mylar still doesn't have proper permissions :(
is mylar running as Richard (ps aux)
this is what the sysrc command was for.
are the files it needs to modify owned by Richard?
 

CraftyClown

Patron
Joined
Apr 5, 2014
Messages
214
I think Mylar is running as Richard...

root@mylar_2:/ # ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 62939 0.8 0.0 17572 3416 0 SsJ 12:42AM 0:00.01 /bin/csh
root 7981 0.0 0.0 12092 1872 ?? SsJ 12:30AM 0:00.00 /usr/sbin/syslogd
Richard 8042 0.0 0.1 189624 29704 ?? SJ 12:30AM 0:01.37 /usr/pbi/mylar-amd
root 8053 0.0 0.0 14188 1872 ?? IsJ 12:30AM 0:00.00 /usr/sbin/cron -s
root 8277 0.0 0.2 163752 42420 ?? IJ 12:30AM 0:02.69 /usr/pbi/mylar-amd
root 62948 0.0 0.0 16300 2140 0 R+J 12:42AM 0:00.00 ps aux
root@mylar_2:/ #

The user of my dataset is definitely Richard
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
I think Mylar is running as Richard...

root@mylar_2:/ # ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 62939 0.8 0.0 17572 3416 0 SsJ 12:42AM 0:00.01 /bin/csh
root 7981 0.0 0.0 12092 1872 ?? SsJ 12:30AM 0:00.00 /usr/sbin/syslogd
Richard 8042 0.0 0.1 189624 29704 ?? SJ 12:30AM 0:01.37 /usr/pbi/mylar-amd
root 8053 0.0 0.0 14188 1872 ?? IsJ 12:30AM 0:00.00 /usr/sbin/cron -s
root 8277 0.0 0.2 163752 42420 ?? IJ 12:30AM 0:02.69 /usr/pbi/mylar-amd
root 62948 0.0 0.0 16300 2140 0 R+J 12:42AM 0:00.00 ps aux
root@mylar_2:/ #

The user of my dataset is definitely Richard
what files is it having permission errors with? can you run 'ls -l /path/to/files'
 

CraftyClown

Patron
Joined
Apr 5, 2014
Messages
214
Well it looks ok..

drwxrwxr-x+ 2 Richard Richard 33 Mar 4 17:57 Saga (2012)
drwxrwxr-x+ 2 Richard Richard 25 Mar 3 10:28 Sex (2013)
drwxrwxr-x+ 2 Richard Richard 15 Mar 3 10:28 Sex Criminals (2013)
drwxrwxr-x+ 2 Richard Richard 12 Mar 3 10:21 Southern Bastards (2014)
drwxrwxr-x+ 2 Richard Richard 46 Mar 5 00:09 Stray Bullets (1995)


But mylar is throwing this permissions related error..

2015-03-05 01:00:17ERRORUncaught exception: Traceback (most recent call last):
File "/usr/pbi/mylar-amd64/share/mylar/mylar/mylar/logger.py", line 159, in new_run
old_run(*args, **kwargs)
File "/usr/pbi/mylar-amd64/lib/python2.7/threading.py", line 763, in run
self.__target(*self.__args, **self.__kwargs)
File "/usr/pbi/mylar-amd64/share/mylar/mylar/mylar/importer.py", line 446, in addComictoDB
shutil.copy(coverfile,comiclocal)
File "/usr/pbi/mylar-amd64/lib/python2.7/shutil.py", line 120, in copy
copymode(src, dst)
File "/usr/pbi/mylar-amd64/lib/python2.7/shutil.py", line 91, in copymode
os.chmod(dst, mode)
OSError: [Errno 1] Operation not permitted: '/Comics/Supreme Blue Rose (2014)/cover.jpg'
 
Status
Not open for further replies.
Top