"share" dataset between two jails

[marian78]

Hi,

i search help for my "problem".

system:
Freenas 9.1.1 :)
plugins: ownCloud, Plex, Transmission

Have one dataset "media" ("/mnt/volume1/media", "media" have permissions 770 myuser:mygroup), where are all my files (music, videos, documents).

What is my problem :( :
i want, that all my plugins, Transmission, ownCloud and Plex, can make new files, delete files or read files from that one dataset without set permissions to "chmod -R 777 or 775 /mnt/volume1/media". I want set "media" permission to 770 (because CIFS rights for users).

example: from my phone i uploaded photos with ownCloud. Then i start Plex client, and i want to see this photos in library. Or, i downloaded some photos with Transmission, and i want to see in ownCloud and Plex library.

How set in system or in jail permissions? Or is there any help, how to change ID of user:group (plex:plex, transmission:transmission, www:www) in jail?

Thx for yours help,

Marian.

 

[Dusan]

Why don't you try this:

• Create a media group with the same group ID in FreeNAS and in every jail (in FreeNAS use the GUI, in the jails run pw groupadd media -g <id>).
• Change group of /mnt/volume1/media to media, permissions 770.
• Add the plex, transmission and www users to the media group (run pw usermod <user> -G media in the respective jail).

 

[marian78]

Thx for your answer.

I will try and post result.

 

[marian78]

Hi, i try your tip and it working. Thx, you are genius.

Can you explain why is work ? Thx.

 

[Dusan]

Hmm, it's basic Unix permission stuff. All the permissions checks are based on the IDs and not names, so that's why you had to use the same group ID (you could actually name the group differently in each jail and it would still work if the IDs were the same). The rest is easy, 770 means that whoever is member of the media group has full access and you add the users to that group. PM me if it still doesn't make sense, I'll probably be able to explain in better in Slovak ;).

 

[marian78]

i start conversation with you, thx. Marian.

 

[anika200]

Hello,
I linked this thread in my subsonic thread, hope nobody minds. It is a nice concise conversation and explanation that I think will help some people, so I linked it there. :)

 

[jat255]

Why don't you try this:

• Create a media group with the same group ID in FreeNAS and in every jail (in FreeNAS use the GUI, in the jails run pw groupadd media -g <id>).
• Change group of /mnt/volume1/media to media, permissions 770.
• Add the plex, transmission and www users to the media group (run pw usermod <user> -G media in the respective jail).

Sorry to resurrect this, but I'm hoping someone might be able to help. I am having similar permissions issues trying to access my FreeNAS dataset from owncloud.

Here's my setup (I'm using a group called private rather than media like was used above):

In the owncloud jail:
root@owncloud_1:/media/josh/files # id www
uid=80(www) gid=80(www) groups=80(www),1003(private)

In FreeNAS:
[root@freenas /mnt/freenas_storage/private]# id josh
uid=1001(josh) gid=1001(josh) groups=1001(josh),1003(private)
[root@freenas /mnt/freenas_storage/private]# ll /mnt/freenas_storage/private
total 88
drwx--x--x 4 guest guest - 4 Jan 1 13:15 ./
drwxrwxrwx 6 nobody nogroup - 6 Jan 1 20:53 ../
drwxrwx--- 3 josh private - 4 Jan 1 22:18 josh/
Question:
I have both the owncloud www user and the FreeNAS josh user in the 1003(private) group, and the share (/mnt/freenas_storage/private/josh) is mounted within the owncloud data structure (/media/josh/files). I then have it set as an external storage (local) from the owncloud admin panel, but using the OwnCloud GUI, I cannot even see the directory, nevermind write files. Any idea where my error is?
Thanks.

 

[anika200]

Sorry to resurrect this, but I'm hoping someone might be able to help. I am having similar permissions issues trying to access my FreeNAS dataset from owncloud.

Here's my setup (I'm using a group called private rather than media like was used above):

In the owncloud jail:
root@owncloud_1:/media/josh/files # id www
uid=80(www) gid=80(www) groups=80(www),1003(private)

In FreeNAS:
[root@freenas /mnt/freenas_storage/private]# id josh
uid=1001(josh) gid=1001(josh) groups=1001(josh),1003(private)
[root@freenas /mnt/freenas_storage/private]# ll /mnt/freenas_storage/private
total 88
drwx--x--x 4 guest guest - 4 Jan 1 13:15 ./
drwxrwxrwx 6 nobody nogroup - 6 Jan 1 20:53 ../
drwxrwx--- 3 josh private - 4 Jan 1 22:18 josh/
Question:
I have both the owncloud www user and the FreeNAS josh user in the 1003(private) group, and the share (/mnt/freenas_storage/private/josh) is mounted within the owncloud data structure (/media/josh/files). I then have it set as an external storage (local) from the owncloud admin panel, but using the OwnCloud GUI, I cannot even see the directory, nevermind write files. Any idea where my error is?
Thanks.

Hello jat255,
I would be interested to see your permissions on the mount point from within the Owncloud jail. For instance:

Code:

sonic@subsonic:/ % ll
total 249
-rw-r--r--    1 root  wheel  532 Dec 31  1969 +COMPACT_MANIFEST
-rw-r--r--    2 root  wheel  1014 Dec  4  2012 .cshrc
-rw-r--r--    2 root  wheel  256 Dec  4  2012 .profile
-r--r--r--    1 root  wheel  6203 Dec  4  2012 COPYRIGHT
drwxr-xr-x    2 1011  1011    47 Sep 16 08:28 bin/
drwxr-xr-x    7 1011  1011    40 Sep 16 08:28 boot/
dr-xr-xr-x  12 root  wheel  512 Jan  2 09:47 dev/
drwxr-xr-x  20 1011  1011    103 Jan  1 11:23 etc/
lrwxr-xr-x    1 root  1011      8 Sep 16 12:31 home@ -> usr/home
drwxr-xr-x  15 1000  100      57 Sep 16 09:54 lame-3.99.5/
drwxr-xr-x    3 root  wheel    48 Dec  4  2012 lib/
drwxr-xr-x    3 root  wheel    5 Sep 15 23:14 libexec/
drwxr-xr-x    2 root  wheel    2 Dec  4  2012 media/
drwxr-xr-x    2 root  wheel    2 Dec  4  2012 mnt/
drwxr-xr-x  455 sonic  users  460 Dec 29 16:00 music/
drwxr-xr-x  22 sonic  users    29 Dec 29 16:15 pictures/
dr-xr-xr-x    1 root  wheel    0 Jan  2 10:19 proc/
drwxr-xr-x    2 root  wheel  142 Dec  4  2012 rescue/
drwxr-xr-x    5 root  wheel    11 Sep 16 12:44 root/
drwxr-xr-x    2 root  wheel  130 Dec  4  2012 sbin/
lrwxr-xr-x    1 root  wheel    11 Dec  4  2012 sys@ -> usr/src/sys
drwxr-xr-x    2 root  1011      2 Sep 29 19:25 test/
drwxr-xr-x    2 root  1011      2 Sep 16 18:07 testing/
drwxrwxrwt  11 root  wheel    13 Jan  2 09:48 tmp/
drwxr-xr-x  17 1011  1011    17 Sep 16 12:31 usr/
drwxr-xr-x  23 root  wheel    23 Jan  2 09:48 var/
sonic@subsonic:/ %

Shows my music folder (which is shared /nas1/media folder with users as the group) as created via the webgui under >> jails >> ad storage.
Is yours similiar?

Just a thought, did you check the "mounted ?" option in the add storage panel?

 

[jat255]

Hello jat255,
I would be interested to see your permissions on the mount point from within the Owncloud jail
....
Is yours similiar?

My mount point (in the owncloud jail) is /media/josh/files/Josh. The permissions are 770 with owner:group of josh:private. I'm pretty sure that I need to retain ownership of that folder, or else my CIF share will not work, right?

root@owncloud_1:/media/josh/files # ll
total 11
drwxrwx--- 3 1001 private 4 Jan 1 22:18 Josh/

Any thoughts?

 

[anika200]

That looks like it should be working, does owncloud create its own user or group you need to be a part of? Weird, I guess the user can be a number? Actually that would be so much easier than what I am currently doing.:D

 

[jat255]

I know for everything to work normally, files/folders accessed by owncloud should be owned by www:www.

I was hoping that by adding the owncloud www user to the same group (private) as the FreeNAS josh user, it would work, but that doesn't seem to be the case... I'm really not sure what the issue is.

 

[jat255]

I know for everything to work normally, files/folders accessed by owncloud should be owned by www:www.

I was hoping that by adding the owncloud www user to the same group (private) as the FreeNAS josh user, it would work, but that doesn't seem to be the case... I'm really not sure what the issue is.

I just tried rebooting, and magically it's working now!
Not sure, but I'm guessing owncloud didn't read the new permissions correctly until everything was reset. Thanks for the help.

 

[anika200]

I just tried rebooting, and magically it's working now!
Not sure, but I'm guessing owncloud didn't read the new permissions correctly until everything was reset. Thanks for the help.

Great you got it working :)
I always forget to reboot too, it does make a difference in some cases.

 

[enemy85]

Why don't you try this:

• Create a media group with the same group ID in FreeNAS and in every jail (in FreeNAS use the GUI, in the jails run pw groupadd media -g <id>).
• Change group of /mnt/volume1/media to media, permissions 770.
• Add the plex, transmission and www users to the media group (run pw usermod <user> -G media in the respective jail).

sorry for the stupid question...but where to run the "pw groupadd media -g <id>" command?
i tried using PUTTY logging as root and going in
/mnt/DATI/jails/plex_1
before using the command, but after doing this it says "missing name for redirect"...where do i go wrong???

could u explain me better how to solve this? I couldn't find anything on the forum.
thanks

 

[Dusan]

sorry for the stupid question...but where to run the "pw groupadd media -g <id>" command?
i tried using PUTTY logging as root and going in
/mnt/DATI/jails/plex_1
before using the command, but after doing this it says "missing name for redirect"...where do i go wrong???

You need to run it in the jail. To get a jail shell run this in your SSH (Putty) session: jexec plex_1 csh

 

[anika200]

sorry for the stupid question...but where to run the "pw groupadd media -g <id>" command?
i tried using PUTTY logging as root and going in
/mnt/DATI/jails/plex_1
before using the command, but after doing this it says "missing name for redirect"...where do i go wrong???

could u explain me better how to solve this? I couldn't find anything on the forum.
thanks

I think you are missing a key point

• Add the plex, transmission and www users to the media group (run pw usermod <user> -G media in the respective jail).

If you read again I am sure you will note the end of instructions, "in the respective jail".​

 

[jat255]

sorry for the stupid question...but where to run the "pw groupadd media -g <id>" command?
i tried using PUTTY logging as root and going in
/mnt/DATI/jails/plex_1
before using the command, but after doing this it says "missing name for redirect"...where do i go wrong???

could u explain me better how to solve this? I couldn't find anything on the forum.
thanks

You have to do this in the jail that you're interested in. Easiest way is to start a shell in the jail from the FreeNAS GUI, but you could also do:

Code:

jls

This will list the current jails you have, and you'll see plexmedia server listed with a jail number (JID).

Then run the following, making sure to replace ### with whatever jail number plex is running in. (sudo only required if you're logged in as a normal user)

Code:

sudo jexec ### csh

Once you are in the jail, you'll see that your shell changes to root@plexmediaserver_1 (or something similar), which lets you know that you're in the jail. This is where you would run the pw groupadd media -g <id> command.

If you have multiple jails, do this for each jail, making sure to exit each one first before trying to enter another.

 

[Dusan]

Code:

jls

This will list the current jails you have, and you'll see plexmedia server listed with a jail number (JID).

Then run the following, making sure to replace ### with whatever jail number plex is running in. (sudo only required if you're logged in as a normal user)

jexec also accepts jail names so there is no need to complicate this with jail IDs -- jails IDs change, jail names stay the same.

Code:

sudo jexec ### csh

He mentions a root SSH session, the GUI shell you mention also runs as root, so there's not need to use sudo.

 

[enemy85]

You need to run it in the jail. To get a jail shell run this in your SSH (Putty) session: jexec plex_1 csh

and as someone previously said, u are a genious!
Actually my problem was how to have shell access in the jails!
ok, now i'll try again!

EDIT:
actually it still says "missing name for redirect"....