So I'm new to everything but I want to learn as best as I can, sorry if some of my doubts are dumb.
I've read some docs and some posts but I don't have clear some things. Some things I have understood/questions:
1) Every directory/file has a user owner and a group owner. This will allow/deny permission to specific actions (i.e. write, read...)
This is can be changed with the command
2) A user can be inside multiple groups therefore he inherits permissions from the groups he's in.
3) Every User and Group has an ID, this is how the system recognize them, names are only for us humans, right?
4) There are some default users. The media one is the one I need to understand the most as I want to setup a media server. What makes this user special? why does it have this 8675309 as ID? Just a joke, right? Why in the docs 14.3.3 is said that this user allows more sharing capabilities? Is it just because it's a normal user created with that purposes in mind, so that if I want to create another alternative media_user2 it will be possible as long as I set the right permissions at the right directories? Or maybe it has some other special features I don't know?
5) And now jails, this is where it get's messy to me. Let's assume I want to create a jail with transmission inside, being able to download to a folder outside the jail.
5.1) Are there users and group ONLY inside the jail? In this Post is stated: "Jails and the FreeNAS host do not share user/group databases. They only associate UIDs/GIDs to users/groups if that mapping exists in it's particular user/group database." So, let's say I ssh into the jail, I will be allowed to do it as long as I use a user that is in the jail database of user (with ssh permissions ofc) and that said user is plausible that exists only inside that jail but not in FreeNAS, right?
5.2) Following point 5.1 and 4, so maybe the user media 8675309 is exactly a default user that is always created in every jail so it's easier to setup directories permissions between FreeNAS and jails?
5.3) And what about this command: sysrc transmission_user=XXX this just sets up the plugin I'm installing to run as said user right? so that it's able to run on directories it has permissions on, right? Being media 8675309 the default user also in the majority of this type of plugins make life easier as long as you use media 8675309. So I would be able to change it whenever I want. If i create a new user inside and also inside the jail and give this user right directories permissions, right?
5.4) After creating the jail, it's possible to map a folder inside the jail with this and to modify this folder permissions you simply have to modify permissions ONLY on the outside folder, right?
5.5) The user of point 5.3 is a user inside the jail database of user? If yes how is it possible to allow this user access to a folder outside of the jail? You should maybe link this user inside the jail to a user outside the jail? And in this case how can you link a user from inside a jail to outside? I mean with which command?
5.6) And the last thing I don't understand is this:
what is exec_jail_user? and exec_system_user? and login_flags?
Thank you very much for your time and patience.
I've read some docs and some posts but I don't have clear some things. Some things I have understood/questions:
1) Every directory/file has a user owner and a group owner. This will allow/deny permission to specific actions (i.e. write, read...)
This is can be changed with the command
Code:
chown xxx user_name:group_name path_to_folder
2) A user can be inside multiple groups therefore he inherits permissions from the groups he's in.
3) Every User and Group has an ID, this is how the system recognize them, names are only for us humans, right?
4) There are some default users. The media one is the one I need to understand the most as I want to setup a media server. What makes this user special? why does it have this 8675309 as ID? Just a joke, right? Why in the docs 14.3.3 is said that this user allows more sharing capabilities? Is it just because it's a normal user created with that purposes in mind, so that if I want to create another alternative media_user2 it will be possible as long as I set the right permissions at the right directories? Or maybe it has some other special features I don't know?
5) And now jails, this is where it get's messy to me. Let's assume I want to create a jail with transmission inside, being able to download to a folder outside the jail.
5.1) Are there users and group ONLY inside the jail? In this Post is stated: "Jails and the FreeNAS host do not share user/group databases. They only associate UIDs/GIDs to users/groups if that mapping exists in it's particular user/group database." So, let's say I ssh into the jail, I will be allowed to do it as long as I use a user that is in the jail database of user (with ssh permissions ofc) and that said user is plausible that exists only inside that jail but not in FreeNAS, right?
5.2) Following point 5.1 and 4, so maybe the user media 8675309 is exactly a default user that is always created in every jail so it's easier to setup directories permissions between FreeNAS and jails?
5.3) And what about this command: sysrc transmission_user=XXX this just sets up the plugin I'm installing to run as said user right? so that it's able to run on directories it has permissions on, right? Being media 8675309 the default user also in the majority of this type of plugins make life easier as long as you use media 8675309. So I would be able to change it whenever I want. If i create a new user inside and also inside the jail and give this user right directories permissions, right?
5.4) After creating the jail, it's possible to map a folder inside the jail with this
Code:
iocage fstab -a JAIL_NAME "/mnt/volume/folder_outside" "/mnt/folder_inside" nullfs rw 0 0
5.5) The user of point 5.3 is a user inside the jail database of user? If yes how is it possible to allow this user access to a folder outside of the jail? You should maybe link this user inside the jail to a user outside the jail? And in this case how can you link a user from inside a jail to outside? I mean with which command?
5.6) And the last thing I don't understand is this:
what is exec_jail_user? and exec_system_user? and login_flags?
Thank you very much for your time and patience.
