| 1 |
Hi Willie, |
| 2 |
|
| 3 |
Many thanks for your informative reply. |
| 4 |
|
| 5 |
|
| 6 |
On 30 Sep 2008, at 15:18, Willie Wong wrote: |
| 7 |
|
| 8 |
> On Tue, Sep 30, 2008 at 03:05:58AM +0100, Penguin Lover Stroller |
| 9 |
> squawked: |
| 10 |
>> I'm a little unclear as to how these permissions have been applied - |
| 11 |
>> shouldn't it be based either on the permissions of the mount-point |
| 12 |
>> directory, or added as an "-o users,umask=000" in /etc/fstab ? |
| 13 |
> |
| 14 |
> umask only applies to file systems with no intrinsic permission |
| 15 |
> settings, e.g. VFAT. The permissions for file systems with permission |
| 16 |
> bits are set in the file system itself ... chmod/chown/chgrp applied |
| 17 |
> to the mount point after |
| 18 |
> mounting will change the permissions of the actual file system. |
| 19 |
|
| 20 |
Of course! It would not have occurred to me to ask this question were |
| 21 |
I mounting a drive at a normal place in the Unix directory tree (by |
| 22 |
which I mean /bin, /boot, /etc, /home, /lib, /sbin, /usr, /var and |
| 23 |
directories below them). |
| 24 |
|
| 25 |
>> However I'm posting to solicit suggestions on the best permissions |
| 26 |
>> practices for this purpose. mediatomb shouldn't need write access |
| 27 |
>> to these |
| 28 |
>> files or folders at all - there's no option on the UPnP client, for |
| 29 |
>> instance, to delete files from the server. Should I make the drives |
| 30 |
>> owned |
| 31 |
>> by "users" and in the "mediatomb" group, with read-only access for |
| 32 |
>> the |
| 33 |
>> latter? Any other suggestions? |
| 34 |
>> |
| 35 |
> What's so secret in your media folders that you can't just give read |
| 36 |
> access to mediatomb? Why don't you have it like you have now with |
| 37 |
> regards tot he owner and group and just give read permission to other? |
| 38 |
> |
| 39 |
> owner root |
| 40 |
> group users |
| 41 |
> umask 002 (i.e. you will have rwxrwxr-x or rw-rw-r-- ?) |
| 42 |
|
| 43 |
Of course! That's perfect. And I can easily keep customer data and |
| 44 |
other stuff on the drive at umask 007. |
| 45 |
|
| 46 |
> To do any fancier (say, files owned by root, read-write access for all |
| 47 |
> users and read access only for mediatomb and no access for everyone |
| 48 |
> else) you will probably need a real ACL with which I can offer no |
| 49 |
> suggestions. |
| 50 |
|
| 51 |
No, that's not necessary at all. I must've been having a brain-fart |
| 52 |
even to have asked. |
| 53 |
|
| 54 |
Stroller. |
Archives