Best practice for copying media over network and maintain permissions?

[tmchow]

I'm copying media frequently from my Windows desktop PC to my unraid box.  Things like Torrents and Usenet are done on my desktop PC (not sure if I'll bother migrating this to be something that only lives on my unraid box).

 

Prior to unraid, I had a Windows server that I would copy over the network all the time. That box acted as my Plex Server and NAS, and things worked really well.

 

However, what I discovered is a permission issue with Unraid.  Limetech's Plex docker runs as "nobody", but when I copy over files from my windows box, the owner user is "steve" (assume "steve" is my windows user account name).  Ditto if I create directories.

 

I can easily fix this by running newperms, but don't want to have to keep doing that.  I don't want permissions to be mucked up in confusing state between "nobody" and "users".

 

What is the best practice here? Surely I can't be the only one in this boat?

[John_M]

I'm curious about this too because I use both public and private shares in a mostly OS X environment. The user nobody is the default owner of public files and folders, so if you stick with just public shares then having dockers run as nobody isn't an issue, so I expect that's what most people do with their media libraries, with the advantage that anyone in the household can access them. People also have private documents that can be stored in private shares, but I agree that it would be nice if it was possible to be able to choose the UID and GID under which an arbitrary docker runs. In fact some do allow these to be set - I think Dolphin is an example - but some certainly don't.

[danioj]

I'm curious about this too because I use both public and private shares in a mostly OS X environment. The user nobody is the default owner of public files and folders, so if you stick with just public shares then having dockers run as nobody isn't an issue, so I expect that's what most people do with their media libraries, with the advantage that anyone in the household can access them. People also have private documents that can be stored in private shares, but I agree that it would be nice if it was possible to be able to choose the UID and GID under which an arbitrary docker runs. In fact some do allow these to be set - I think Dolphin is an example - but some certainly don't.

 

This is not REALLY addressing your issue as I imagine it to be BUT as I have nothing else to offer:

 

 

If you were willing to drop to the CLI and mount the shares on the unRAID Server (either normally or via Unassigned Devices) OR specify the share manually you could just use:

 

cp -dpR

 

-p switch: same as --preserve=mode,ownership,timestamps etc

-d switch: same as --no-dereference --preserve=links

-R switch: recursive copy (assuming you want to copy all sub directories)

 

 

There IS a tool called SyncBack which preserves permissions BUT I think you need the paid versions to do this. Plus its a bit onerous to have to set up jobs to copy ad-hoc files at will. But here it is anyway:

 

http://www.2brightsparks.com/syncback/syncback-hub.html

 

 

I personally use Teracopy when copying over the network from a Windows enviroment BUT I cannot find any instance of this program maintaining permissions:

 

http://www.codesector.com/teracopy

 

Sorry i can't be more helpful.

 

[John_M]

Thanks for your suggestions, danioj. I haven't actually had an problem with copying files back and forth between client computers and unRAID. I can (by design) only mount a private share if I know the credentials, in which case file ownership is preserved - the obvious thing is to create an unRAID user for each computer user, with matching names and passwords.

 

I can mount a public share either as a guest (which maps to the user nobody) or as one of the users configured in unRAID. The only real problem is, as tmchow points out, when files are created, not by a logged in user, but by a docker app running as nobody, when the destination is a private share, not a public one. It's rather like someone gaining public access to a private share, which isn't supposed to happen.

 

The workround seems to be to allow dockers to access only public folders. This in turn requires shares containing particular files that are accessed by dockers (the example being plex, and therefore implying media files) to be public shares, which makes, say, parental control very difficult. It seems that could be a major shortcoming in some households.

 

I was just wondering how long-time users deal with this.

 

[ken-ji]

my personal workaround is to have

[global]
    force user = nobody

in /boot/config/smb-extra.conf

 

this makes all SMB access as the nobody user but require correct authentication for private shares.

 

[tmchow]

my personal workaround is to have

[global]
    force user = nobody

in /boot/config/smb-extra.conf

 

this makes all SMB access as the nobody user but require correct authentication for private shares.

 

Do I need to reboot for this to take effect?

[ken-ji]

Samba should pickup the changes automatically, but restarting samba is the minimum requirement. I think its

/etc/rc.d/rc.samba restart

. A reboot will do all of that for you though.

[tmchow]

Samba should pickup the changes automatically, but restarting samba is the minimum requirement. I think its

/etc/rc.d/rc.samba restart

. A reboot will do all of that for you though.

 

Perfect, this solution worked. Just tested it by copying a small text file into one user share where the wrong permissions were being applied before.

 

I'm puzzled why this isn't the default config out of the box.

[Bjonness406]

Just wondering, what issues are you experiencing because of this?

[tmchow]

Just wondering, what issues are you experiencing because of this?

 

None yet that I can tell, perhaps it's just me being paranoid. i don't like the idea that unraid is expecting all the folders and files to be owned by "nobody" by then there rogue files in the shares as "steve".

 

Like I said, maybe I'm being too paranoid, but I've been bit by folder permission issues so many times on my last Windows Server box (that this unraid box is replacing), I'm being ultra cautious.

 

The way I see it, there's no downside to forcing "nobody" as the owner.