February 23, 20242 yr What permissions should the /mnt folder have?? I'm solving one container where I want it to have access to /mnt and I currently have the permissions (see image). And I don't want a security problem.
February 23, 20242 yr Community Expert That looks non-standard so something must be changing it. It normally has owner and group both as 'root'. All folders directly under / should have the same permissions in my experience. You could try booting in Safe Mode and checking again. That would tell you if a plugin is changing it.
February 23, 20242 yr Author I don't have the option to run in safe mode at the moment, that won't happen until tomorrow/the day after. However, shouldn't it be a problem to change them now?? chgrp root /mnt && chown root /mnt
February 23, 20242 yr Community Expert @itimpi and @Aeloth, I do know that Dockers can be setup to run with root privileges. I did it with binhex-Krusader and the method to do so is posted as a "Recommended Posts' in the support thread. (I not longer use that Docker container since the introduction of Dynamix File Manager plugin.) And, of course, it is possible to setup a Docker container to have access to the root of the Unraid file system. (Doing so should be done only by the actual Administrator of the individual server who realizes the risks involved. Hopefully, there is not a Docker container being distributed via the Apps plugin that does so without that Administrator's knowledge! I would class that container as Malware...)
February 23, 20242 yr Author The change may have been historical, to me it was a container that is not in Apps but in dockerhub, it is a container that should help with backups using Veeam but I need it to have access to /mnt to be able to backup to unassigned drives. However I was struggling with the container not wanting to mount /mnt, eventually solved by reinstalling the container. But I fixed the permissions on /mnt as they should be and so far no container or plugin has changed it. I hope it's ok now.
February 23, 20242 yr Community Expert 27 minutes ago, Aeloth said: it is a container that should help with backups using Veeam but I need it to have access to /mnt to be able to backup to unassigned drives. Set up the container to run with root privileges. (If you do so, in the interest of security, I would put a strong password on the container GUI and start-and-stop the container when its use was required.) Here is the way I once did this: https://forums.unraid.net/topic/71764-support-binhex-krusader/page/17/#comment-780475 Edited February 23, 20242 yr by Frank1940
February 23, 20242 yr Author This container doesn't have any GUI, if you want to look at it, it's pk1057/veeam12 on DockerHub. I have Root Privileges set, I have strong passwords there too, hopefully that will be enough, the container will only work on a local network in a home environment.
February 23, 20242 yr Author Is it possible to use permissions like this in a container?? PUID=99 PGID=100 I don't really understand this yet.
February 23, 20242 yr Community Expert 2 minutes ago, Aeloth said: Is it possible to use permissions like this in a container?? PUID=99 PGID=100 I don't really understand this yet. Yes those variables are the 'numbers' for nobody (=99) and users group (=100). This should allow to do anything you want to the resources under /mnt It is not the container that is the only security problem. It is the fact that now all of the members of the users group now have access back to the root of the file system as well as the anonymous user-- nobody. This is called an "elevation of privileges" in security language. Some of us run our Unraid servers in a secured environment so this is not a big security issue unless one of the client computers is compromised.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.