| 1 |
Hi there, |
| 2 |
|
| 3 |
I'm in the process of ripping my DVD collection to mp4 and have just |
| 4 |
installed net-misc/mediatomb. I am EXTREMELY impressed with this |
| 5 |
service, which has very quickly demonstrated a marvellous ability to |
| 6 |
stream video to my PS3. |
| 7 |
|
| 8 |
On my server I have two largish hard-drives which are used for |
| 9 |
miscellaneous storage - backups, drivers & service packs for my work, |
| 10 |
customer backups and all these video files which will soon be rapidly |
| 11 |
increasing in quantity. |
| 12 |
|
| 13 |
Because of the miscellaneous nature of this data, I have mounted these |
| 14 |
two disks at /mnt/space and /mnt/morespace Following a discussion a |
| 15 |
while back I will probably move them to /media/video[123] or /media/ |
| 16 |
spaceX when I get around to reorganising. |
| 17 |
|
| 18 |
Permissions on these volumes are such that any user on the system (me, |
| 19 |
hypothetically trusted friends or family in the future) should have |
| 20 |
full access to all the miscellaneous junk on them. I need to play back |
| 21 |
videos and delete the old versions when I decide a film needs to be |
| 22 |
ripped in higher quality. |
| 23 |
|
| 24 |
I'm a little unclear as to how these permissions have been applied - |
| 25 |
shouldn't it be based either on the permissions of the mount-point |
| 26 |
directory, or added as an "-o users,umask=000" in /etc/fstab ? |
| 27 |
|
| 28 |
$ grep space /etc/fstab |
| 29 |
LABEL=space /mnt/space xfs noatime 0 3 |
| 30 |
LABEL=MoreSpace /mnt/morespace xfs noatime 0 3 |
| 31 |
$ sudo umount /mnt/morespace/ |
| 32 |
$ ls -lh /mnt/ |
| 33 |
total 0 |
| 34 |
drwxrwx--- 2 root cdrom 72 May 28 2007 dvdrom |
| 35 |
drwxrwx--- 2 root users 48 Sep 21 23:24 foo |
| 36 |
drwxrwxrwx 2 root root 48 May 19 2007 morespace |
| 37 |
drwxrwx--- 8 root users 116 Sep 11 11:53 space |
| 38 |
$ sudo mount -a |
| 39 |
$ ls -lh /mnt/ |
| 40 |
total 4.0K |
| 41 |
drwxrwx--- 2 root cdrom 72 May 28 2007 dvdrom |
| 42 |
drwxrwx--- 2 root users 48 Sep 21 23:24 foo |
| 43 |
drwxrwx--- 5 root users 4.0K Sep 15 20:46 morespace |
| 44 |
drwxrwx--- 8 root users 116 Sep 11 11:53 space |
| 45 |
$ |
| 46 |
|
| 47 |
|
| 48 |
Anyway, the problem that I encountered was that Mediatomb was unable |
| 49 |
to read these drives because Gentoo init.d script (very sensibly, IMO) |
| 50 |
runs the server as its own user, which clearly did not have permission |
| 51 |
to read these disks. I like this idea, because I tend to trust the |
| 52 |
users on my system (this may be foolish!) yet fear a hijacked daemon |
| 53 |
maliciously deleting my collection of Carry On films. |
| 54 |
|
| 55 |
You can see here how I've worked around the problem for the moment: |
| 56 |
|
| 57 |
$ grep -ie user -ie group /etc/conf.d/mediatomb |
| 58 |
# Run MediaTomb as this user. |
| 59 |
MEDIATOMB_USER="mediatomb" |
| 60 |
# Run MediaTomb as this group. |
| 61 |
#MEDIATOMB_GROUP="mediatomb" |
| 62 |
MEDIATOMB_GROUP="users" |
| 63 |
$ |
| 64 |
|
| 65 |
However I'm posting to solicit suggestions on the best permissions |
| 66 |
practices for this purpose. mediatomb shouldn't need write access to |
| 67 |
these files or folders at all - there's no option on the UPnP client, |
| 68 |
for instance, to delete files from the server. Should I make the |
| 69 |
drives owned by "users" and in the "mediatomb" group, with read-only |
| 70 |
access for the latter? Any other suggestions? |
| 71 |
|
| 72 |
Stroller. |
Archives