You do not have permission to access....

[cyberd]

I recently upgraded to 5.0b2 to test things out.  Everything seems to be running good except for a little nagging problem with permissions.  I ran the update security when I initially upgraded but now whenever one of my external programs running on the raid server (Sabnzb, Sickbeard, etc) creates a new folder it has permission issues.

 

I always receive "You do not have permission to access \\tower\path to file"

 

If i run:

chmod -R go-rwx /mnt/user/path to file

chmod -R u-x /mnt/user/path to file

chmod -R g+u /mnt/user/path to file

chmod -R ug+X /mnt/user/path to file

chgrp -R users /mnt/user/path to file

chown -R nobody /mnt/user/path to file

 

 

everything works like a charm.

 

Is there a step I am missing somewhere that can prevent this from happening?

 

Thanks!!!

[BRiT]

Option A) Change the user that SABnzbd/Sickbeard is running as to 'nobody'.

Option B) Setup a SABnzbd post-processing script to kick off '/user/local/sbin/newperms /mnt/user/path_to_new_dir/'.

 

#!/bin/sh
# invoke newperms script on the new directory
echo "Changing permissions for download directory: $1"
/usr/local/sbin/newperms "$1"

 

One word of warning, the Limetech provided newperms script seems to have issues if passed a directory with a space in the name.

 

Option C) Set the base directory for your new downloads to be group id (sticky), so all new directories should be owned by the group [users]. You will also need to set the permissions given for the folders in SABnzbd appropriately [Config->Folders->Permissions for completed downloads], such as 2775.

 

chgrp users /mnt/user/base_dir
chmod g+s /mnt/user/base_dir

 

 

 

 

 

[cyberd]

Option A) Change the user that SABnzbd/Sickbeard is running as to 'nobody'.

Thanks for the input I like this option.. can't seem to get it working properly however. Any suggestions on the proper command, kind of a linux nub.

 

I launch SABnzbd/Sickbeard from the go file with the following commands

 

# Start SABnzbd and sickbeard and couch potato

  installpkg /boot/Packages/SABnzbdDependencies-2.0rc-i486-unRAID.tgz

  python /boot/sabnzbd/SABnzbd.py -d -s 192.168.1.10:88 -f /boot/config/sabnzbd.ini

  nohup python /boot/sickbeard/SickBeard.py &

  python /boot/couchpotato/CouchPotato.py -d

 

I tried adding su - nobody in front of each command but that didn't seem to do it.

 

 

 

[upthetoon]

I am also seeing this issue.

 

Does this happen for everyone running beta 2 and Sabnzbd?

 

I would also love to know how to run the application as "nobody" from the go script, could someone please detail how to do that?

 

Cheers.

[upthetoon]

I have been playing around with this, I still haven't come up with a definitive solution though.  I am also confused as to why more people are not seeing this issue.

 

At the minute if Sabnzbd has to create a new folder (a new season folder for example) I run the newperms script against it to regain access.

 

I have been looking at running the sabnzbd.exe as the user "nobody" and found this snipet on the net...

 

http://stackoverflow.com/questions/66870/how-do-i-run-a-program-as-nobody

 

"... may add your application to /etc/sudoers with proper settings and you'll be able to run it as with sudo -u nobody. This will work for both scripts and binary executables.

 

This could also work for scripts if you'll create a tiny helper executable which simply does exec("/home/you/bin/your-application"). This executable can be made suid-nobody (see above) and you may freely modify your-application."

 

A combination of these two methods might be the best?  Still not 100% sure how I can invoke it from the go script though.

[schmegg]

in order to make the files sabnzbd has downloaded have the file permissions i wanted, i just made a script:

 

#!/bin/bash

echo "  starting chownchmod script."

echo "  file permissons of the following user shares on cache drive"

 

if [ -d /mnt/cache/Games/ ]; then

chmod -R 775 /mnt/cache/Games/

chown -R root:pwusers /mnt/cache/Games/

fi

 

if [ -d /mnt/cache/Movies/ ]; then

chmod -R 775 /mnt/cache/Movies/

chown -R root:pwusers /mnt/cache/Movies/

fi

 

if [ -d /mnt/cache/Music/ ]; then

chmod -R 775 /mnt/cache/Music/

chown -R root:pwusers /mnt/cache/Music/

fi

 

if [ -d /mnt/cache/Videos/ ]; then

chmod -R 775 /mnt/cache/Videos/

chown -R root:pwusers /mnt/cache/Videos/

fi

 

echo "  chownchmod script complete."

echo " "

 

it just checks to see if such a directory exists then changes the permission on each folder (and its contents). the folder names are based on how my Categories are set up to download in sabnzbd. you will need to modify the script to suit your own categories/folders. you also need to specify the username:group since you wont have the same group "pwusers" on your system. or just remove the lines that have "chown" in it and change the lines with "chmod -R 775" to say "chmod -R 777" (this will make all the files accessible to anyone, no security basically).

 

copy the script (after you modified it) onto your flash drive (eg, /flash/scripts/chownchmod.sh). to make this automatic, I just added a line to crontab to run the script, chownchmod.sh, every 5 minutes. if you dont know how to do this, here is an outline of the steps:

- at the command prompt, type "crontab -e"

- use the commands shown here http://www.computerhope.com/unix/uvi.htm#05 to edit the file. google "linux VI editor" for more help on this

- the line you add will look something like this: */5 * * * * /boot/scripts/chownchmod.sh >/dev/null 2>&1

- when you are finished, press "SHIFT+q" then type "qw" to save changes

 

its not an elegant solution but it gets the job done.

 

helpful links:

http://www.funtoo.org/en/articles/linux/lpi/3/  search for "chown" to find the relevant part

http://www.openjs.com/scripts/jslibrary/demos/crontab.php

 

[sacretagent]

BRiT

would this work from the GO script ?

 

#sleep for 30 seconds
sleep 30

#Change whole user dir to Nobody owner
chown -R nobody /mnt/user
chgrp users /mnt/user
chmod g+s /mnt/user

#Sab/sickbeard/couchpotato dependencies
installpkg /boot/custom/packages/SABnzbdDependencies-2.1-i486-unRAID.tgz
#Sabnzbd startup
python /boot/custom/sabnzbd/SABnzbd-0.5.6/SABnzbd.py -d -f /boot/config/SABnzbd.ini -p -s 192.168.1.130:9080 
#Sickbeard startup
python /mnt/cache/.custom/sickbeard/SickBeard.py -d
#couchpotato startup
python /mnt/cache/.custom/couchpotato/couchpotato/CouchPotato.py -d

 

i don't use sickbeard or couchpotato movers script .. only sab moves stuff into /mnt/user/downloads

BUT sickbeard will add .nfo / tbn /jpg files into the other directories under /mnt/user

will they all be owned by nobody and readable by a windows machine ?

 

update... chown command takes LOONG time to finish ... is this necessary to invoke every boot ?? or just needed one time and then can leave it ?

[upthetoon]

in order to make the files sabnzbd has downloaded have the file permissions i wanted, i just made a script:

 

#!/bin/bash

echo "  starting chownchmod script."

echo "  file permissons of the following user shares on cache drive"

 

if [ -d /mnt/cache/Games/ ]; then

chmod -R 775 /mnt/cache/Games/

chown -R root:pwusers /mnt/cache/Games/

fi

 

if [ -d /mnt/cache/Movies/ ]; then

chmod -R 775 /mnt/cache/Movies/

chown -R root:pwusers /mnt/cache/Movies/

fi

 

if [ -d /mnt/cache/Music/ ]; then

chmod -R 775 /mnt/cache/Music/

chown -R root:pwusers /mnt/cache/Music/

fi

 

if [ -d /mnt/cache/Videos/ ]; then

chmod -R 775 /mnt/cache/Videos/

chown -R root:pwusers /mnt/cache/Videos/

fi

 

echo "  chownchmod script complete."

echo " "

 

it just checks to see if such a directory exists then changes the permission on each folder (and its contents). the folder names are based on how my Categories are set up to download in sabnzbd. you will need to modify the script to suit your own categories/folders. you also need to specify the username:group since you wont have the same group "pwusers" on your system. or just remove the lines that have "chown" in it and change the lines with "chmod -R 775" to say "chmod -R 777" (this will make all the files accessible to anyone, no security basically).

 

copy the script (after you modified it) onto your flash drive (eg, /flash/scripts/chownchmod.sh). to make this automatic, I just added a line to crontab to run the script, chownchmod.sh, every 5 minutes. if you dont know how to do this, here is an outline of the steps:

- at the command prompt, type "crontab -e"

- use the commands shown here http://www.computerhope.com/unix/uvi.htm#05 to edit the file. google "linux VI editor" for more help on this

- the line you add will look something like this: */5 * * * * /boot/scripts/chownchmod.sh >/dev/null 2>&1

- when you are finished, press "SHIFT+q" then type "qw" to save changes

 

its not an elegant solution but it gets the job done.

 

helpful links:

http://www.funtoo.org/en/articles/linux/lpi/3/   search for "chown" to find the relevant part

http://www.openjs.com/scripts/jslibrary/demos/crontab.php

 

 

Thanks schmegg.

 

I made a post-processing script for Sabnzbd that changes the user to nobody after each download.  That seems to work pretty well although it doesn't seem to work in every case.  I think its to do with the sorting the Sab does.  I think I'll use your idea too and run it once a day or something to change any left over folders that are missed by the post-processing script.

 

@sacretagent

 

You don't want to be putting it in your GO script.  Your box will take a while to boot and its not persistant, any files created after a boot will not be changed until the next boot.  If you are only using Sabnzbd you could try a post processing script.

 

The line below will change a downloaded folder and files owner to "nobody" when used in a post-processing script;

 

chown -R nobody:users "$1"

[sacretagent]

i changed idea and made them run under nobody

 

See -> http://lime-technology.com/forum/index.php?topic=2903.msg96444#msg96444

 

 

[upthetoon]

i changed idea and made them run under nobody

 

See -> http://lime-technology.com/forum/index.php?topic=2903.msg96444#msg96444

 

 

 

Nice work! This seems like the best solution but I could never figure out how to run them as nobody.  Cheers!

[unRaidMe]

Is there a solution for this file permissions issue with unRaid 5b6a?

 

I've installed SABnzbd, Sick Beard, and CouchPotato through the unMenu package manager and I seem to have to change permissions after each download through telnet in order to access it in my network share folders.

 

Thanks!