Transmission Jail Access / Permissions

[PiP]

Hello there,

Not sure if what I am trying to do is possible / sensible, but will attempt to explain for forum comment and direction.

Running 9.1

I have a plugin jail (/mnt/NAS/jails_2): bit_1
Storage source: /mnt/NAS/media/_torrent
Storage destin: /usr/pbi/transmission-amd64/etc/transmission/home/Downloads

Transmission is configured using download directory: /usr/pbi/transmission-amd64/etc/transmission/home/Downloads

All is working, however I wish to restrict 'general' user access to files in /media/_torrents (I move files from this directory to /media and intend to allow general user access to this directory only.

ls -l _torrent:
drwxrwxrwx 33 40002 40002 40 Sep 16 20:06 _torrent
Was going to change owner of the _torrent directory but once I realised it is presently a jail user (40002) am thinking this will break the whole thing and stop transmission from working.

As I see it, while maintaining transmissions ability to rwx to this directory I need to somehow change owner and or group to restrict general user access (from outside the jail) with the exception of one user (me) who will have access to both.

Outside the jail there are a number of users, each with own user name and associated group. media is also a user, of which all other users are group members.

Very much beyond my abilities to rationalise. Any help appreciated.

 

[Dusan]

Transmission should not stop working if you only change the owner or the group of the directory. To accomplish what you need do this outside the jail:

1. chmod o= /mnt/NAS/media/_torrent (to remove permission for others)
2. either chown or chgrp the directory to your user ID / group

 

[PiP]

Transmission should not stop working if you only change the owner or the group of the directory. To accomplish what you need do this outside the jail:

1. chmod o= /mnt/NAS/media/_torrent (to remove permission for others)
2. either chown or chgrp the directory to your user ID / group

Did as suggested Dusan and now transmission not working.

Reports (via the transmission gui) Error: Permission denied (/usr/pbi/transmission-amd64/etc/transmission/home/Downloads/test.mp3)

Interesting that it got part way through before reporting error (i.e. the download started).

Ideas on what is needed to fix or how I return back to original owner / group?

Thanks

 

[Dusan]

Chmod / chgrp also work with numeric IDs, so you can chmod 40002 / chgrp 40002 to return it back.

 

[PiP]

Chmod / chgrp also work with numeric IDs, so you can chmod 40002 / chgrp 40002 to return it back.

thanks Dusan, have done that - on its own transmission still not working, but additional chmod 777 _torrent did.

At some point transmission turned off (which I returned to 'on' via the web gui)

Any further ideas?

 

[Dusan]

I quickly installed transmission to check it and this should work.

1. chmod o= [directory] (to remove permissions for others)
2. chgrp [group of your user] [directory] (run this outside the jail to give access to yourself)
3. chown transmission [directory] (run this inside the jail (jexec) to make sure transmission can access it)

 

[PiP]

Sorry for my ignorance just to confirm here the last step:

jexec 1 chown userxxx _transmission

doesn't work. (no such file or directory)
full path per above is: /mnt/NAS/jails_2/bit_1/usr/pbi/transmission-amd64/etc/transmission/home/Downloads, not sure what I should be entering?

 

[Dusan]

Do jexec 1 csh to open a shell inside the jail. Then do chown transmission /mnt/NAS/jails_2/bit_1/usr/pbi/transmission-amd64/etc/transmission/home/Downloads
transmission is the user/account the transmission deamon uses

 

[PiP]

Thanks Dusan - I think that has nailed it. Appreciate your patience and efforts.

I'm still ignorant why chown 40002 outside jail <> chown transmission inside jail - if you are able to explain that I'll be better for it.

Thanks again

 

[Dusan]

Maybe 40002 isn't the user ID of transmission. Do ls -l on the directory outside the jail to find out.