Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

users, groups, permissions, OH MY

Featured Replies

OK, I tried searching for the last hour or so and can't get the answers...

 

Are there cons to running PMS, radarr, sonarr, nzbget, etc. all with nobody user?

 

Also, every dir within /mnt/ has nobody as the user.

 

I guess I'm talking security risks here. I want to try to prevent malicious tampering with anything on my server, but I also want to allow me to modify some dirs via W10 from my main desktop machine. I would also like to block PMS from being able to write to media folders.

 

Is it safer to make a group for all the apps that I want to have write access, and create users for each of them within that group? 

Then I could change group for all those folders and make only my superuser the actual owner.

 

Is this just silly?

 

EDIT: I'm running everything in Dockers.

Edited by jonesy8485

17 minutes ago, jonesy8485 said:

Are there cons to running PMS, radarr, sonarr, nzbget, etc. all with nobody user?

Sounds like you're running those as plugins, which isn't particularly recommended anyways.

 

19 minutes ago, jonesy8485 said:

I would also like to block PMS from being able to write to media folders

You definitely want to run docker applications.  You only allow read/write or read to whatever folders you allow the app access to.  IE:  If you don't want Plex to have access to your financial information share, then it is completely unable (and doesn't even know that it exists) to read from that share.

 

As already mentioned, you should be using Dockers and then you can control what areas and the various applications have access to as well as what permissions they have (read only or read-and-write).

  • Author

Everything is running in docker containers.

 

 

Edited by jonesy8485

Then you have no problems. Only assign each app access to whatever share you want them access to with either read only or read write permission

  • Author
10 minutes ago, Squid said:

Then you have no problems. Only assign each app access to whatever share you want them access to with either read only or read write permission

 

Thank you. I hadn't been using the read/write permissions which I have now utilized to stop PMS from having write access to media folders.

 

Is it advisable to disable root SSH login? I do not have web-facing webgui and use VPN.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.