Multiple Transmission Jails - Only one seems to have issues with permissions saving to dir

[ViciousXUSMC]

I have up and running 2 Transmission Jails.
One plain and one with a VPN.

I have mounted the same storage to both of them.
The dataset permissions are 775 root/wheel
downloads --> /media/downloads (my download dir for finished torrents)
partialdownloads --> /media/partdownloads (my partial downloads folder)
torrents --> /media/torrents (my watch folder to drop torrent files into)

Based on the big thread I keep finding with google search.
None of my jails should work as I have not setup a common group/uid between the jail where Transmission is the user running the process and root/wheel is the only owner/group that should have permission to write to the downloads folder.

However for reasons unknown both of those jails work fine.

I built a 3rd jail last night so I could record it as a tutorial to put on YouTube, all the same setup and storage maps. And for what ever reason Transmission keeps throwing me an error that it does not have permission to write to the download folder.

I am at a loss, I have no idea why 2 identical jails work, but the newest one does not.

 

[dlavigne]

Were you able to figure this out?

 

[ViciousXUSMC]

Were you able to figure this out?

Yes, I do believe so. I destroyed the jail that had the issue before I rectified it and I destroyed the entire NAS last night to rebuild to a new Array but the issue was this.

For some reason despite the working jail having the same mount points as the broken jail if I did a ls -l /mnt to view the permissions the working jail had full rwx for owner/group/other (777 permissions) thus it had full access to that mount.

The broken jail had only read access under other.

So same config on the jail, same user running the process, same mountpoint but in some fashion the jails had different permissions.

The proper fix was that I did not implement but I plan to do on the rebuild is to find the user running the process that needs access.
I use ps aux to do this. In the case of transmission the user is called transmission.

Then I will go to the /etc/groups file and add transmission to the group for that share that has full access. I will setup my datasets with 775 permissions so that the group has full access and other only has read/execute.

It's more secure than full blown 777 permissions but not as hard to configure as default 755 permissions as I can associate multiple users across multiple jails to the same group to get access.

To do it with default 755 permissions I would have to change the user that runs the process to be same as owner, I think I saw how to do this but have not yet actually 100% verified how to or actually tried it.