Hi all,
I've installed transmission-daemon on a fairly fresh Debain Squeeze install, but am having some file permission problems.
The transmission user in Debian is "debian-transmission". I have verified that the daemon is started as this user:
Code:
$ ps --user debian-transmission
PID TTY TIME CMD
3473 ? 00:00:00 transmission-da
I have created debian-transmission's home directory, with a torrents and .incomplete directory inside it:
Code:
$ ls -la /home/debian-transmission/
drwxrwxr-x 4 debian-transmission debian-transmission 4096 Oct 8 21:19 .
drwxr-xr-x 6 root root 4096 Oct 8 20:39 ..
drwxr-xr-x 2 debian-transmission debian-transmission 4096 Oct 8 21:19 .incomplete
drwxr-xr-x 2 debian-transmission debian-transmission 4096 Oct 8 21:08 torrents
I copied the settings.json file over from a previous Ubuntu install, where it worked as expected. In the old install my download directory was inside my main user's home directory, with the permissions changed to allow debian-transmission to write to it. As you can see, in this install I have changed the settings.json to download into the transmission user's home dir.
Code:
$ sudo cat /etc/transmission-daemon/settings.json
[sudo] password for charlie:
{
"alt-speed-down": 1,
"alt-speed-enabled": true,
"alt-speed-time-begin": 420,
"alt-speed-time-day": 127,
"alt-speed-time-enabled": true,
"alt-speed-time-end": 1380,
"alt-speed-up": 1,
"bind-address-ipv4": "0.0.0.0",
"bind-address-ipv6": "::",
"blocklist-enabled": false,
"dht-enabled": true,
"download-dir": "/home/debian-transmission",
"download-limit": 300,
"download-limit-enabled": 1,
"encryption": 1,
"incomplete-dir": "/home/debian-transmission/.incomplete",
"incomplete-dir-enabled": true,
"lazy-bitfield-enabled": true,
"lpd-enabled": false,
"max-peers-global": 200,
"message-level": 2,
"open-file-limit": 32,
"peer-limit-global": 120,
"peer-limit-per-torrent": 30,
"peer-port": 51413,
"peer-port-random-high": 65535,
"peer-port-random-low": 49152,
"peer-port-random-on-start": false,
"peer-socket-tos": 0,
"pex-enabled": true,
"port-forwarding-enabled": false,
"preallocation": 1,
"proxy": "",
"proxy-auth-enabled": false,
"proxy-auth-password": "",
"proxy-auth-username": "",
"proxy-enabled": false,
"proxy-port": 80,
"proxy-type": 0,
"ratio-limit": 1.0000,
"ratio-limit-enabled": true,
"rename-partial-files": true,
"rpc-authentication-required": true,
"rpc-bind-address": "0.0.0.0",
"rpc-enabled": true,
"rpc-password": "{b479a979442320560a5fd6c6047461452ad68501/1dEzN8u",
"rpc-port": 9091,
"rpc-username": "charlie",
"rpc-whitelist": "127.0.0.1,192.168.0.*",
"rpc-whitelist-enabled": true,
"script-torrent-done-enabled": false,
"script-torrent-done-filename": "",
"speed-limit-down": 300,
"speed-limit-down-enabled": true,
"speed-limit-up": 10,
"speed-limit-up-enabled": true,
"start-added-torrents": true,
"trash-original-torrent-files": false,
"umask": 2,
"upload-limit": 50,
"upload-limit-enabled": 0,
"upload-slots-per-torrent": 14,
"watch-dir": "/home/debian-transmission/torrents",
"watch-dir-enabled": true
}
I can access the web interface on localhost and via the local network. I have copied an old .torrent file into the "torrents" directory and changed its permissions to debian-transmission:debian-transmission (although I never had to do this on the old install, and can't think why I'd have to; I'm just trying to eliminate some causes).
When I try to run the download, the web interface reports"Error: Permission denied", even though it can connect to peers, and reports a download rate (for a while at least).
I've no idea why this permission problem is occurring. The filesystem permissions are as they were with my previous install, but the permission denied error indicates that the FS is where the issue lies.
Now, this is where my Linux-fu runs out. The default transmission data directories have slightly different permissions. (Note the sneaky 's' in the owner permissions):
Code:
$ ls -la /var/lib/transmission-daemon/
total 36
drwxr-xr-x 7 root root 4096 Oct 8 21:58 .
drwxr-xr-x 63 root root 4096 Oct 8 20:28 ..
drwxr-xr-x 2 root root 4096 Oct 8 21:56 blocklists
drwsrwxr-x 2 debian-transmission debian-transmission 4096 Oct 17 2010 downloads
drwsr-x--- 5 debian-transmission debian-transmission 4096 Oct 8 22:54 info
drwxr-xr-x 2 root root 4096 Oct 8 21:58 resume
-rw------- 1 root root 1871 Oct 8 21:58 settings.json
-rw------- 1 root root 137 Oct 8 21:58 stats.json
drwxr-xr-x 2 root root 4096 Oct 8 21:57 torrents
This is something to to with SUIDs or GUIDs or something. I've done a bit of reading, and don't really get the significance of these. Can someone enlighten me? Do I have to set the SUID of debian-transmission's home directory to the same as the "downloads" directory above? Why? What are the security implications of this? Why did this work before on my Ubuntu install?
Thanks in advance,
Charlie