Hi there,

I'm in the process of ripping my DVD collection to mp4 and have just
installed net-misc/mediatomb. I am EXTREMELY impressed with this
service, which has very quickly demonstrated a marvellous ability to
stream video to my PS3.

On my server I have two largish hard-drives which are used for
miscellaneous storage - backups, drivers & service packs for my work,
customer backups and all these video files which will soon be rapidly
increasing in quantity.

Because of the miscellaneous nature of this data, I have mounted these
two disks at /mnt/space and /mnt/morespace. Following a discussion a
while back I will probably move them to /media/video[123] or
/media/spaceX when I get around to reorganising.

Permissions on these volumes are such that any user on the system (me,
hypothetically trusted friends or family in the future) should have
full access to all the miscellaneous junk on them. I need to play back
videos and delete the old versions when I decide a film needs to be
ripped in higher quality.

I'm a little unclear as to how these permissions have been applied -
shouldn't it be based either on the permissions of the mount-point
directory, or added as an "-o users,umask=000" in /etc/fstab ?

$ grep space /etc/fstab
LABEL=space /mnt/space xfs noatime 0 3
LABEL=MoreSpace /mnt/morespace xfs noatime 0 3
$ sudo umount /mnt/morespace/
$ ls -lh /mnt/
total 0
drwxrwx--- 2 root cdrom 72 May 28 2007 dvdrom
drwxrwx--- 2 root users 48 Sep 21 23:24 foo
drwxrwxrwx 2 root root 48 May 19 2007 morespace
drwxrwx--- 8 root users 116 Sep 11 11:53 space
$ sudo mount -a
$ ls -lh /mnt/
total 4.0K
drwxrwx--- 2 root cdrom 72 May 28 2007 dvdrom
drwxrwx--- 2 root users 48 Sep 21 23:24 foo
drwxrwx--- 5 root users 4.0K Sep 15 20:46 morespace
drwxrwx--- 8 root users 116 Sep 11 11:53 space
$

Anyway, the problem that I encountered was that Mediatomb was unable
to read these drives because the Gentoo init.d script (very sensibly, IMO)
runs the server as its own user, which clearly did not have permission
to read these disks. I like this idea, because I tend to trust the
users on my system (this may be foolish!) yet fear a hijacked daemon
maliciously deleting my collection of Carry On films.

You can see here how I've worked around the problem for the moment:

$ grep -ie user -ie group /etc/conf.d/mediatomb
# Run MediaTomb as this user.
MEDIATOMB_USER="mediatomb"
# Run MediaTomb as this group.
#MEDIATOMB_GROUP="mediatomb"
MEDIATOMB_GROUP="users"
$

However I'm posting to solicit suggestions on the best permissions
practices for this purpose. mediatomb shouldn't need write access to
these files or folders at all - there's no option on the UPnP client,
for instance, to delete files from the server. Should I make the
drives owned by "users" and in the "mediatomb" group, with read-only
access for the latter? Any other suggestions?

Stroller.
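
A check for the layout asked about in the last paragraph (the tree's group is the daemon's group, with read but no write access), as an added example that is not part of the original post. The function names are hypothetical, and it assumes the daemon reaches the files only through the group bits.

```shell
#!/bin/sh
# Added example: audit a media tree for a read-only daemon group.
# Assumption: the daemon reaches the files through the tree's group
# (e.g. "mediatomb"), not as owner and not through the "other" bits.

# Entries the group or "other" class could modify (or delete from, for
# directories). Symlinks are skipped: their mode bits are not enforced.
writable_entries() {
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# Files the group cannot read, and directories it cannot list and enter.
unreadable_entries() {
    find "$1" \( \( -type f ! -perm -040 \) -o \( -type d ! -perm -050 \) \) -print
}

# Entries that are not in the expected group (name or numeric gid).
wrong_group_entries() {
    find "$1" ! -group "$2" -print
}

# audit_tree DIR GROUP: print labelled findings; return 1 if there are any.
audit_tree() {
    findings=$(
        writable_entries "$1" | sed 's/^/WRITABLE /'
        unreadable_entries "$1" | sed 's/^/UNREADABLE /'
        wrong_group_entries "$1" "$2" | sed 's/^/WRONG-GROUP /'
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Stand-alone use: sh audit.sh /mnt/space mediatomb
if [ $# -eq 2 ]; then
    audit_tree "$1" "$2"
fi
```

An empty report means the daemon's group can read and traverse everything in the tree but cannot change or delete any of it.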