transmission-daemon UID and permissions

Kropotkin · 06-11-2014, 03:25 PM

Hi all,

I built a simple home server/WAP/ADSL gateway on a FreeBSD box and I've been running the transmission daemon to handle Bittorrent downloads. I access the downloaded files from a couple of desktop machines via NFS shares.

I took me awhile to figure out why the downloaded files were read-only on these NFS disks -- they are owned by UID 921, transmission-daemon. This makes managing downloaded files via Nautilus on the desktop boxes a bit cumbersome.

I'm wondering how others arrange this. Manually chown stuff? Or this there a smarter approach? I could run transmission-daemon with my own UID, but there are probably very good reasons why this is not a good idea

dijetlo · 06-12-2014, 02:37 AM

Use setfacl on the containing directory, you have to unset/reset the umask

Quote:

#setfacl -R --mask g:users:rw,d:g:users:rw directory_name/

DJ Shaji · 06-13-2014, 03:41 PM

Ladies and Gentlemen, for the win:

Drum roll ...... ta da dish !

Run it as you
with sudo !

Code:

sudo -u user transmission-daemon

EDIT: Put the following in /etc/rc.local or similar.

Kropotkin · 06-14-2014, 04:25 AM

OK, that is a good idea.

There alread is a start-up script in /usr/local/etc/rc.d/ which includes the following lines:

Code:

: ${transmission_enable:=NO}
: ${transmission_conf_dir=/usr/local/etc/transmission/home}
: ${transmission_download_dir=/usr/local/etc/transmission/home/Downloads}
: ${transmission_user:=transmission}
transmission_group=${transmission_group:-$transmission_user}
: ${transmission_chown:=yes}

I wonder how best to override the default setting. I'd rather not edit the file but set it in rc.conf.

But at this point, I have to ask: why use sudo? Why not run it simply under my UID, 1000?

Thanks

DJ Shaji · 06-14-2014, 05:12 PM

Quote:

Originally Posted by Kropotkin

OK, that is a good idea.

There alread is a start-up script in /usr/local/etc/rc.d/ which includes the following lines:

Code:

: ${transmission_enable:=NO}
: ${transmission_conf_dir=/usr/local/etc/transmission/home}
: ${transmission_download_dir=/usr/local/etc/transmission/home/Downloads}
: ${transmission_user:=transmission}
transmission_group=${transmission_group:-$transmission_user}
: ${transmission_chown:=yes}

I wonder how best to override the default setting. I'd rather not edit the file but set it in rc.conf.

I run mine on Linux so I don't know about rc.conf, but looking above it seems that just changing the user and group might get the job done too.

Quote:

But at this point, I have to ask: why use sudo? Why not run it simply under my UID, 1000?

Thanks

I run mine manually through rc.local, and without sudo it will run as root. sudo makes it run under my normal user account which is uid 1000 too.

dijetlo · 06-14-2014, 07:29 PM

Quote:

sudo -u user transmission-daemon

You're standard user account is a passwordless member of sudoers?
That's a bad idea.
Putting that information in a script?
Worse idea..."fire you on the spot" kind of bad idea, actually.
If you're just messing around, it's fine. If you're trying to learn a skill... read up on setfacl.

DJ Shaji · 06-15-2014, 02:45 PM

Quote:

Originally Posted by dijetlo

Your standard user account is a passwordless member of sudoers?

Nope. As mentioned above the /etc/rc.local runs sudo, and because it's root no passwords are asked for. No other user can sudo on this system (even though there's just the one).

Quote:

That's a bad idea.

Yep.

Quote:

Putting that information in a script?
Worse idea..."fire you on the spot" kind of bad idea, actually.
If you're just messing around, it's fine. If you're trying to learn a skill... read up on setfacl.

It's my home server and it's fully locked down