[How-To] Giving Plugins Write Permissions to Your Data

Status
Not open for further replies.

Pilbromatic

Dabbler
Joined
Feb 23, 2018
Messages
11
I believe CP download data would have been setup in its database. If you restored that file and don't see info, can you add a movie and have it save? It has been quite awhile since I have used CP.

Hey cool yep I found the issue - for some reason I needed to re-add my storage under jails. I did that and CP appears to be working fine now :)

Got a little more playing to get Transmission working, then looks like quite a bit more work to get Plex playing nice. I think I'm on track for now though. Cheers!
 

Pilbromatic

Dabbler
Joined
Feb 23, 2018
Messages
11
Ok I've fixed Plex! :D The trouble is, I'm not 100% sure what I did... General idea below (probably lots of unneccessary steps):

After removing Plex and its jail, I reinstalled it in the web GUI.
I started Plex using service plexmediaserver start (or possibly onestart; whichever works)
I checked it was running with service plexmediaserver status
Stopped with service plexmediaserver stop (or possibly onestop)
Then went ls -l /var/run to check my permissions
There are several lines listed, but the two in question are:
drwxr-xr-x 2 plex wheel (date/time) plex
-rw-rw-rw- 1 root wheel (date/time) plexmediaserver_fcgi_server.pid
Changed permissions with chown -R media:media /var/run/plex (I knew this wasn't the correct UN/PW but wanted to try it anyway)
Changed permissions with chown -R media:media /var/run/plexmediaserver_fcgi_server.pid
(By the way, this is all per this post: https://forums.freenas.org/index.php?threads/plex-plugin-works-but-won't-start.38867/)
Then I read Joshua's comment about not changing the fcgi line
I checked in the GUI the relevant permissions on my movies folder which is root:media
Changed permissions with chown -R root:media /var/run/plex
ls -l /var/run now shows:
drwxr-xr-x 2 root media (date/time) plex
-rw-rw-rw- 1 media media (date/time) plexmediaserver_fcgi_server.pid

Then from root@FreeNAS I ran this command to restore my config (see my post above about this):
cp -iprv "/root/backups/plexdata/Plex Media Server/Preferences.xml" "/mnt/media/plexmediaserver_1/var/db/plexdata/Plex Media Server/"

From there I couldn't get the server to start. Interestingly enough, browsing to <ip>:32400 worked, however it didn't show this server, only my other Plex server.
Changed permissions BACK with chown -R root:wheel /var/run/plexmediaserver_fcgi_server.pid
Still couldn't get the service to start
***Then via the GUI, I restarted the jail*** (key point)
Typed service plexmediaserver status, discovered service is running
Tried browsing to server and it now works!

Sadly, my settings haven't copied correctly (eg media locations and watch history) but at least it's working now. Incidently, now CP isn't showing its logo and is showing OFF in the GUI, but it appears to be working. Unsure if it has write permissions as of yet - I'll leave that for another day. Transmission is still complaining about write permissions too; but I think I've done enough for one day.

TO ADD: I just refreshed my browser a couple of times and now all three plugins are showing down the left. CP sometimes says ON, sometimes it says OFF. CP logo also decides to appear or disappear (both down left and under Plugins) when refreshing browser. Odd. Status with SSH shows running. Will continue to observe.


EDIT: I also just noticed Plex was getting playback errors when trying to play media (my previous version was probably outdated). Easy fix - just click on the three dots next to your media folder and hit Analyse. This gets Plex to download the relevant codecs for the media.

Thanks for everyone who has helped me with this. Hopefully my info above can help others.
 
Last edited:

Benc

Dabbler
Joined
Nov 5, 2015
Messages
37
I have a problem with plex writing to media folders. I followed solution 3 and set media dataset to 775 and group medius. Then I added users sonarr, radarr and plex to medius group (in freenas and inside jail and with same GID). For sonarr and radarr this is working fine and can add files without problem. But not for plex. Not even if I set permissions to 777.

I did all permission/ownership changes from freenas CLI, and changes are properly shown inside jail, but I can't do any changes inside jail. I always get 'read-only file system error' while in sonarr or radarr jail works fine.

Does it matter that media folder is also a windows share? I added windows user to medius group so I have access to media files.
 

Benc

Dabbler
Joined
Nov 5, 2015
Messages
37
OK, I found it. I never noticed plex has media folders mounted as read-only.
 

Cytomax

Explorer
Joined
Nov 29, 2015
Messages
67
First of all thank you for the guide and thank you for keeping the emby plugin updated

Just wanted to let you know
Fresh Install of FreeNAS 11.1 U5
New install of emby from plugins
No other plugins installed

cat /etc/passwd shows
emby:*:989:989:Emby:/nonexistent:/usr/sbin/nologin

so i think the uid and gid are different than what you mention in your original post


2nd Thing

by default the Volumes in freenas are
Owner User > root
Owner Group > wheel

I logged into the cli of the jail and typed

pw groupmod wheel -m emby

essentially adding user "emby" to the group "wheel"

i rebooted the jail and it worked like a charm
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
First of all thank you for the guide and thank you for keeping the emby plugin updated

Just wanted to let you know
Fresh Install of FreeNAS 11.1 U5
New install of emby from plugins
No other plugins installed

cat /etc/passwd shows
emby:*:989:989:Emby:/nonexistent:/usr/sbin/nologin

so i think the uid and gid are different than what you mention in your original post


2nd Thing

by default the Volumes in freenas are
Owner User > root
Owner Group > wheel

I logged into the cli of the jail and typed

pw groupmod wheel -m emby

essentially adding user "emby" to the group "wheel"

i rebooted the jail and it worked like a charm
awesome, glad it worked. ahh, i doubt the UID number changed, i must have been mistaken and will fix it. thanks!
 

nemisisak

Explorer
Joined
Jun 19, 2015
Messages
69
Hi everyone, I have a problem with a plex jail after transfering the metadata to my new jail where I believe the user permission is root rather than plex

Code:
ls -l /usr/local/plexdata/"Plex Media Server"/

Code:
drwxr-xr-x  4 root  plex	4 Jul  7 13:05 Metadata


So from what a gather in this thread all I have to do is;
Code:
chown -R plex:plex /usr/local/plexdata/"Plex Media Server"/


Is this correct. I just want to confirm as I dont want to brick my Jail. Also will this apply permissions recursively within the folder?

Thanks
 

Joshua Parker Ruehlig

Hall of Famer
Joined
Dec 5, 2011
Messages
5,949
Hi everyone, I have a problem with a plex jail after transfering the metadata to my new jail where I believe the user permission is root rather than plex

Code:
ls -l /usr/local/plexdata/"Plex Media Server"/

Code:
drwxr-xr-x  4 root  plex	4 Jul  7 13:05 Metadata


So from what a gather in this thread all I have to do is;
Code:
chown -R plex:plex /usr/local/plexdata/"Plex Media Server"/


Is this correct. I just want to confirm as I don't want to brick my Jail. Also will this apply permissions recursively within the folder?

Thanks
Is plex running as a plugin or pkg/port. That folder I believe would be different with the plugin.
That command looks close, I believe this is correct though. Yes, the '-R' makes it recursive within that folder.
Code:
chown -R plex:plex "/usr/local/plexdata/Plex Media Server"/
 

suivax

Cadet
Joined
Apr 20, 2018
Messages
9
Running Plex on FreeNAS 11.1, installed from ports.

I ran into some weird permissions issue where my files had been modified and Plex media server wouldn't start at all. Tried all the solutions above and nothing worked. I found this to be my fix and thought I'd pass it on to others.

navigate to this file and modify the user / group as necessary to work for your installation:

/usr/local/etc/rc.d/plexmediaserver_plexpass

: ${plexmediaserver_plexpass_enable:=NO}
: ${plexmediaserver_plexpass_support_path="/usr/local/plexdata-plexpass"}
: ${plexmediaserver_plexpass_user="plex"}
: ${plexmediaserver_plexpass_group="plex"}
: ${plexmediaserver_plexpass_maxplugins=6}
 

par

Explorer
Joined
Sep 26, 2013
Messages
92
I have a lot of confusion in 11.2-BETA trying to split my data up into different datasets. Here's what I did:
  1. created a dataset "Test" under an existing dataset "Tank" that is working with everything
  2. created a test file "test1" via a Jail command line
  3. tested the datatest "Test" over Samba network share which is a different user, could not access the folder
  4. changed dataset "Test" owner from root to the user that the Samba share uses
  5. Samba share can now write to "Test" and created test file "test2"
  6. the Jail user can only see "test1" and the Samba user can only see "test2"
What is the simplest way to have multiple datasets where Jails can access everything, Samba can access everything, but Plugins can only access certain datasets?

Also what are all these different users/groups that are in FreeNAS by default? news, man, games, etc - am I really supposed to mix these in with the actual custom users that I want to use? Can I just delete all these defaults? Why are they even there?

How do the new 11.2 plugins manage data like configs/logs? There are a bunch of generic mount points provided by default but I don't understand the implications of backup/upgrade/restore of this mechanism and I can't find it documented.

If it would be better to start a separate thread let me know! I have been trying to figure out the best practices for the new plugin system and want to use datasets whereas before I just had one big group writable directory.
 

Attachments

  • mountpoints.PNG
    mountpoints.PNG
    51.6 KB · Views: 1,048
  • users.PNG
    users.PNG
    18.7 KB · Views: 899

Sliphorn

Cadet
Joined
Oct 3, 2016
Messages
9
Hey folks,

I'm trying to wrap my head around FreeNAS jails, Unix commands, etc., and I feel like I'm starting to absorb some basic concepts - but I do not come from a coding background. In light of that, here's what I'm trying to do. I'm trying to set up Syncthing via FreeNAS-11.1-U5, Syncthing plugin.

1. I've added storage correctly (I think)
2. I've attempted to use solution 2, following all commands correctly

The thing I don't understand is that Syncthing may need to run and have the same permissions as the owner of the files it's attempting to sync. Is this correct? I have set recursive permissions on all files and folders in my "Shares" tree, which is where I keep all of my SMB shares for easy access via a PC.

In the Syncthing GUI I get this message:

2018-10-02 11:22:44: Failed to create folder marker: mkdir /media/Backups/.stfolder: permission denied

What I don't understand is this: Do I need to change the file/folder ownership of everything in "Shares" to UID Syncthing (983) and GID Syncthing (983)? Then what would happen to my access to the shares via a PC? I would prefer not to hose the entire system with a bad guess.

What commands may I run to give you folks the info you need to help? And thanks in advance for any help.
 
Last edited:

Sliphorn

Cadet
Joined
Oct 3, 2016
Messages
9
I have a lot of confusion in 11.2-BETA trying to split my data up into different datasets. Here's what I did:
  1. created a dataset "Test" under an existing dataset "Tank" that is working with everything
  2. created a test file "test1" via a Jail command line
  3. tested the datatest "Test" over Samba network share which is a different user, could not access the folder
  4. changed dataset "Test" owner from root to the user that the Samba share uses
  5. Samba share can now write to "Test" and created test file "test2"
  6. the Jail user can only see "test1" and the Samba user can only see "test2"
What is the simplest way to have multiple datasets where Jails can access everything, Samba can access everything, but Plugins can only access certain datasets?

Also what are all these different users/groups that are in FreeNAS by default? news, man, games, etc - am I really supposed to mix these in with the actual custom users that I want to use? Can I just delete all these defaults? Why are they even there?

How do the new 11.2 plugins manage data like configs/logs? There are a bunch of generic mount points provided by default but I don't understand the implications of backup/upgrade/restore of this mechanism and I can't find it documented.

If it would be better to start a separate thread let me know! I have been trying to figure out the best practices for the new plugin system and want to use datasets whereas before I just had one big group writable directory.

I don't know if this is helpful, but I understand there are some bugs with 11.2 BETA. I was on it for a while and had a world of problems with plugins and jails. It's unfortunate that FreeNAS steers the downloads default to this beta, and I had to redo my entire rebuild when I found out about the bugs. Best of luck.
 

oumpa31

Patron
Joined
Apr 7, 2015
Messages
253
FreeNAS 11.1 U6 stable

New to FreeNAS but not completely new. I've read 95% of this post and tried quite a few things. I have Plex Pass and a HDhomerun. I had plex recording on my windows plex without an issue but i needed more room so i decided to build a FreeNAS Plex server / NAS. I set myself up users and groups and put all my media in folders that Plex has no issues reading. The issue i am having is that Plex wont record the shows off of the "tv"
Below is what everyone seams to state needs to be changed. So here are my settings for this.

drwxr-xr-x 2 plex wheel (date/time) plex
-rw-rw-rw- 1 root wheel (date/time) plexmediaserver_fcgi_server.pid

My storage was set up under root wheel and everything has been set to 777.

im at a loss i tried setting PLEX to root/wheel, media/wheel, and media/media and i restarted the jail each time. nothing i did would let me record from plex. It just kept telling me that it didn't have write access. I would really like to be able to get plex off my windows machine just because all it is doing right now is being my live tv dvr
 

peter_cd.cn

Dabbler
Joined
Feb 9, 2018
Messages
39
Having trouble with radarr writing to a folder mounted to radar jail. Here are my debug logs so far. I can add more if need:
From freenas:
Code:
vi /etc/passwd
radarr:*:352:1003:radarr Jail:/nonexistent:/bin/csh

vi /etc/group
radarr:*:1002:
jail_media_group:*:1003:radarr

ls -l /mnt/tank1/Media/
drwxrwxr-x   64 root	jail_media_group	 68 Nov 17 14:39 Movies

ls -l /mnt/tank1/Media/Movies/
drwxrwxr-x  2 root	  jail_media_group		   3 Mar 16  2018 The.Wolf.of.Wall.Street.2013.1080p

mount
/mnt/tank1/Media/Movies on /mnt/tank1/iocage/jails/radarr/root/mnt/movies (nullfs, local, read-only)


From radarr jail:
Code:
vi /etc/passwd
radarr:*:352:352:radarr:/nonexistent:/usr/bin/nologin

vi /etc/group
jail_media_group:*:1003:radarr

root@radarr:/ # ls -l /mnt
total 34
drwxrwxr-x  64 root	jail_media_group  68 Nov 17 14:39 movies



I think the problem is at the 'mount' in freenass. Why does it say read-only? How do I change that?

I am trying to use solution 3 the group write option. Appreciate the help.
 

Theogermal

Cadet
Joined
Dec 19, 2018
Messages
8
Can somebody help? I've tried all 4 solutions and none of them have worked, I know I've had it working in the past but annoyingly had to do a full reinstall shortly afterwards.

The problem I'm having is with Sonarr and Radarr, getting the message "Folder is not writable by user sonarr/radarr"
 

Charlie86

Explorer
Joined
Sep 28, 2017
Messages
71
  • Add a user in the FreeNAS WebUI with a matching UID as the plugin's default user.
  • Change ownership of the data dataset/folders to the newly added user.

Please excuse my n00b question.

Am trying to set Transmission on my freenas box having some problems with premissions.
I did install transmission plugin, but under user and grup list I can not find any user associated to Transmission.

If I run command ps aux in jail I get

root@transmission_1:/ # ps aux
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 31598 0.0 0.2 144012 40200 - SJ 21:33 0:02.63 /usr/pbi/tran
root 31647 0.0 0.0 10464 1928 - IsJ 21:33 0:00.01 /usr/sbin/sys
root 31713 0.0 0.0 12564 1848 - IsJ 21:33 0:00.01 /usr/sbin/cro
transmission 79736 0.0 0.0 82800 7436 - SsJ 21:54 0:00.27 /usr/pbi/tran
root 88751 0.0 0.0 19676 3012 1 SsJ 22:24 0:00.01 /bin/csh
root 88754 0.0 0.0 21244 2096 1 R+J 22:24 0:00.00 ps aux
root@transmission_1:/ #

tl.dr

I want to know what user ID is transmission using so I can set chmod to 775 and add Transmission user to be a member of group that owns torrent directory.

Thanks :)
 

diskdiddler

Wizard
Joined
Jul 9, 2014
Messages
2,374
  • Change permission of the data dataset/folders to allow group writing.
  • In the jail, add a group with a matching GID as the group owner of the data dataset/folders.
    • Code:
      pw groupadd -n GROUP -g GID
  • In the jail, add the user the plugin runs as to the newly added group.
    • Code:
      pw groupmod GROUP -m USER

I added the group media as an owner of my FreeNAS server download directory.
/mnt/SSD/download (dataset) - applied permission recursively.

0PL0iTR.png




I went into my sabnbd jail and DELETED my existing group "media"
I then created a group media, with the same weird FreeNAS 11.2 UID thing.


"pw groupadd -n media -g 8675309"

Then I added
"pw groupmod media -m _sabnzbd"

Then I rebooted the jail.
Still my old Sabjail, can not download due to permissions issues.
"Cannot change permissions of /media/incomplete "

I truly have immense difficulty with these permissions :(
 

diskdiddler

Wizard
Joined
Jul 9, 2014
Messages
2,374
I continue to have problems with this.

root@sabnzbd_2:~ # pw groupshow media
media:*:8675309:_sabnzbd,media,root,nobody



root@sabnzbd_2:~ # exit
logout
root@freenasnew[/mnt/SSD/download]# pw groupshow media
media:*:8675309:MYUSERNAME,media



Note I used the same weird ID # when making the group

root@freenasnew[/mnt/SSD/download]# ls -l
total 99
drwxrwxrwx+ 2 nobody media 2 Jan 20 12:05 _blackhole
drwxrwxrwx+ 7 nobody media 209 Dec 7 20:56 browsers
drwxrwxrwx+ 7 nobody media 7 Jan 20 11:58 complete
drwxrwxrwx+ 2 nobody media 2 Jan 21 17:14 incomplete
drwxrwxrwx+ 3 nobody media 3 Dec 1 21:51 jdownloader



root@sabnzbd_2:/media # ls -l
total 99
drwxrwxrwx+ 2 nobody media 2 Jan 20 12:05 _blackhole
drwxrwxrwx+ 7 nobody media 209 Dec 7 20:56 browsers
drwxrwxrwx+ 7 nobody media 7 Jan 20 11:58 complete
drwxrwxrwx+ 2 nobody media 2 Jan 21 17:14 incomplete
drwxrwxrwx+ 3 nobody media 3 Dec 1 21:51 jdownloader
root@sabnzbd_2:/media #



(SabNZBD)
“Cannot change permissions of /media/incomplete”


Someone, please explain what on earth I’m doing wrong?
 

yomismo

Dabbler
Joined
Sep 18, 2013
Messages
41
Change permission of the data dataset/folder to allow other writing.

note this is not correct since all new files and folders will be read only for others even if the dataset is like this
1548752064430.png


Code:
ls -l
total 1943921
-rw-r--r--  1 transmission  921  1999503360 Jan 29 10:04 ubuntu-18.10-desktop-amd64.iso
 
Last edited:

Daniyal

Dabbler
Joined
Mar 4, 2019
Messages
18
Hi! I followed the instructions on the original thread to create a new group in sonarr (ensuring GID was identical to that of the shared folder) to write to the shared media folder however this kept returning an error that 'sonarr cannot write to this folder'.

As this was not working I thought of adding a new user and followed the instructions above to create a new user in sonarr (same GID as shared folder use) and switch the user profile however I still get the message that the user is unable to write to the folder when I try to add the shared folder to sonarr.

Not sure what I did wrong so I went back to check the GID and whether if what I entered mirrored that of the accounts created in FreeNAS. While conducting this exercise I realised the user profile created under FreeNAS did not have write permissions, so I assigned those and restarted the sonarr plugin hoping I had fixed the issue but to no avail.

I am clueless about what I'm doing wrong or whether if any additional steps are required on my part. Would appreciate any help I can get in diagnosing the issue.

Thank you!
 
Status
Not open for further replies.
Top