Jail Storage Permissions Difficulties

[WhirlwindMonk]

Here is the setup I am trying to create: I want a single location where files are downloaded to by both SABnzbd and Transmission, and I want to be able to browse to that location via a CIFS share.

Here is my setup that seems like it should work, but does not.

I have my username, call it WhirlwindMonk, setup. I have a user and a group called transmission, both id 921. I have a user and a group called media, both id 816. transmission also has media added as an Auxiliary group.

I have a dataset created called downloads with the Owner set to WhirlwindMonk and the Group set to media, Owner and Group have full permissions, Other has no permissions. Within this dataset is a folder called Downloads.

I have a CIFS share setup called download$ which points to the downloads dataset, which I can browse and add and delete files and folders under my WhirlwindMonk account.

I have Transmission set up inside a jail with storage added pointing from /media/Downloads to the Downloads folder within the downloads dataset. I set Transmission to download files to /media/Downloads.

I add a torrent (archlinux, in this case, just so I have a torrent I know is working and good), and it tells me "Error: Permission denied (/media/Downloads/[filename].iso)".

I have been beating my head against a wall here for several hours, what am I doing wrong?

 

[KoreanJesus]

Is the Transmission user a member of the media group?

 

[WhirlwindMonk]

Is the Transmission user a member of the media group?

The transmission user has media as an Auxiliary Group, which means the same thing, right?

 

[KoreanJesus]

The transmission user has media as an Auxiliary Group, which means the same thing, right?

Sorry didn't spot that, yeh they mean the same thing, another thing to check is that permissions on the dataset are set recursively

 

[WhirlwindMonk]

Sorry didn't spot that, yeh they mean the same thing, another thing to check is that permissions on the dataset are set recursively

I am about 95% certain I've been checking that box every time I change the permissions on this particular dataset, but I'll do it again when I get home, just to make absolutely certain that isn't the issue.

 

[WhirlwindMonk]

Sorry for the slow response, life got hectic and my project got put on hold.

I just verified, I reset permissions for the dataset, setting them recursively, then tried again with the torrent and it gave me the same permissions error.

 

[Whattteva]

What exactly are the permissions flags you're setting on the dataset?

 

[WhirlwindMonk]

What exactly are the permissions flags you're setting on the dataset?

Owner is my username
Group is media, which includes the Transmission user

Owner and Group have RWX, while Other has nothing.

 

[skidrash]

I have the EXACT same problem, and I've been beating on it for hours. But it looks like I do not have a "transmission" user... I have installed the plugins and added "Storage" to the transmission_1 jail in the exact same fashion (even using the same directories: /media/downloads). And ultimately I end up with the same error when I start a download: "Permission Denied".

'top' says that it is being run by user: transmission grp: wheel, but in the Users list in the FreeNAS web GUI there is no user 'transmission'. It seems to me that I saw it as UID 921 as well at some point (though I can't figure out where I saw that now), so I created a user named 'transmission' with UID 921 and gave it the appropriate alternate group (Family) with the correct permissions to access the share, and still "Permission Denied".

It seems strange that this plugin has been available for so long and so many people use it, and this is the only discussion referencing this very simple problem. Am I just missing something really obvious? I had hoped the plugin system would make this sort of thing dummie-proof but apparently I am evidence to the contrary...

 

[Whattteva]

I think you need to clarify your first post.
As I understand it, you have three users, WhirlwindMonk, transmission, and media. The problem is, you've never specified where you actually created the users/groups (on the FreeNAS host itself or within the transmission jail). This matters because the transmission jail has its own set of users independent from the FreeNAS.

 

[WhirlwindMonk]

The transmission user exists in both the transmission jail and in the main FreeNAS host, with matching ids, as per page 232 of the documentation (http://web.freenas.org/images/resources/freenas9.2.1/freenas9.2.1_guide.pdf). As per step 4 on page 233, I've created the media group so that all of the eventual apps (transmission, sabnzbd, etc.) can access the same download folder.

I just tested it, and if I set the transmission user as the owner of the dataset, it works perfectly, no permissions errors. Change it back so that the transmission user should be getting permission for being a member of the media group and I'm back to square one with that same permission error. So for some reason, the system seems to be failing to verify that transmission is a member of the media group, or failing to verify that the media group has RWX permissions for that dataset.

 

[Joshua Parker Ruehlig]

also something you might want to look into is running transmission or sabnzbd as a different user by adding the option in /etc/rc.conf.local.

this is what I recommend

 

[ThomasDK81]

also something you might want to look into is running transmission or sabnzbd as a different user by adding the option in /etc/rc.conf.local.

this is what I recommend

Could you elaborate this Joshua?

 

[Whattteva]

I think he's referring to the rc.conf startup script.
In it, you'll find the transmission directive lines, such as transmission_enable="YES". One extra line you could use is transmission_user="insert_username_here"

 

[Joshua Parker Ruehlig]

I think he's referring to the rc.conf startup script.
In it, you'll find the transmission directive lines, such as transmission_enable="YES". One extra line you could use is transmission_user="insert_username_here"

exactly, except one detail. I think you'd need to put this in /etc/rc.conf.local because the plugin infrastructure will unknowing delete that line during some of it's functions.

i personally have transmission run as 'media', the same user as sab/sickbeard/CP. if your plugins are in different jails you'd need to create this user in the transmission jail with the UID 816.

the way i setup these plugins is detailed on my blog, you can Google 'jruehlig freenas' if you're interested.

 

[ThomasDK81]

Well tried it out my self.
Created /etc/rc.conf.local in the jail where transmission runs.
Added transmission_user="media"

Then chown'ed the dir where Transmission conf is located.

 

[ThomasDK81]

Thanks :)

 

[Joshua Parker Ruehlig]

Thanks :)

anytime, hope it helps.

 

[WhirlwindMonk]

also something you might want to look into is running transmission or sabnzbd as a different user by adding the option in /etc/rc.conf.local.

this is what I recommend

Sounds like this worked for someone else, so I'll try to find time this evening to test it out on my own system.

Thanks for the help!