I am rather new to this but I came across a new road block.
I set up the file system and installed the BitTorrent plugin thanks to OMV Extras.
I can use it, and have, and it works fine!
However, when I made an account for my friend and he was able to log in to the OMV web interface, he didn't have BitTorrent under the "services" tab like I do as admin. How can I enable this for him so he can use it? Thanks!
You can't, is by design.
he can access transmission on port 9091
You can't, is by design.
he can access transmission on port 9091
How do I have him switch his ports in order to do that? Where would he do that exactly?
Im not sure I get the point of a service that my users can't use without jumping through hoops...
What happens when I add other plugins? How is that supposed to work??
What is the point of the plugin if he has to jump through hoops like that just to use it?
And what about the other plugins? I'm not sure I get the point of OMV if you can't use the plugins I've installed for them
omv is home nas solution (a file server at the end)
What hops ? is just one click (type) of a link. Some plugins have user access like openvpn or BitTorrent sync.
The rest is restricted for obvious reasons.
Much to learn Moheemo...
I actually have long thought that a hardcoded admin account is somewhat problematic. What happens if you have more than one person who you want to administer the box? Share the admin password? That doesn't exactly sound like a best practice. I think the lack of a fine grained permissions system in OMV is a pretty major oversight. Not only do you end up with the above problem, but you create a culture of plugins that simply don't cater to non-admin users. I understand that, at this point, adding something like that would be a huge rearchitecting of the system but I feel that it needs to be done at some point.
so the only way to have him access it is by having him input the port thing as above?
If my IP is 11.11.11.11
it would look like http://11.11.11.11_homeomv:9091/transmission/web/
correct?
EDIT: I got it. I think I understand this better and what I am going to do about it. Thanks!
So he can access transmission, but when he tries to download something, it works for a little while, then stops under the pretext of "Denied Access" what is this about? In addition, after about 5 min, the services crashes and I have to do a complete server reboot to get it working again. This is hardly a service that is working atm. Im sure it is on my end. What can I do about this?
Yes that should be correct, I just hope the address 11.11.11.11 is a joke or an "if" only.
transmission runs under a system daemon, he has no write access to shares by default, you can reset permissions to 777 mode in the tab next to shared folders
It is not a good idea to let some one be using your Torrent service.
Yes that should be correct, I just hope the address 11.11.11.11 is a joke or an "if" only.
transmission runs under a system daemon, he has no write access to shares by default, you can reset permissions to 777 mode in the tab next to shared folders
Yes it is a fake ip. And I'll look into that
It is not a good idea to let some one be using your Torrent service.
and why not? I know this man irl and have complete trust in him. The build of the service is more or less for him
Yes that should be correct, I just hope the address 11.11.11.11 is a joke or an "if" only.
transmission runs under a system daemon, he has no write access to shares by default, you can reset permissions to 777 mode in the tab next to shared folders
Do you have any idea why the service keeps crashing when I use the transmission web interface?
What kind of crash? The server goes down entirely or just transmission ?
The torrent daemon runs as the "debian-transmission" user. That user will need to have access to whatever directory he's trying to download to. However, when it creates files, it'll create them owned by it. I would recommend using FACLs to set this up. Let's pretend you want these files to go into "/data/torrent/downloads". I would put your friend's user into some group, I'll call it "Torrenters" and then do:
chown -R nobody:Torrenters /data/torrent/downloads
chmod -R u+rwX,g+rwX,o-rwX /data/torrent/downloads
setfacl -R -m u:debian-transmission:rwX /data/torrent/downloads
setfacl -R -m d:u:debian-transmission:rwX /data/torrent/downloads
setfacl -R -m d:g:Torrenters:rwX /data/torrent/downloads
What this does is the following:
- Set the ownership of the download directory to be owned by no user and the Torrenters group
- Set the directory to be readable (r), writable (w), and executable (X) by the owner user and groups and no one else.
- Add a File Access Control entry that gives the user (u) debian-transmission read, write, and execute on that directory.
- Add a File Access Control entry that will default (d) to giving the user (u) debian-transmission read (r), write (w), and execute (X) on any new files or directories created in that directory.
- Add a File Access Control entry that will default (d) to giving the group (g) Torrenters read (r), write (w), and execute (x) on any new files and directories created in that directory.
Note that "-R" makes it recursive, so all of the contents will receive these settings and using a capitol X instead of a lowercase x means that only those files that are already executable will be granted these new executable permissions (including directories). This is a useful way of setting execute only on those files where it's necessary. So with the default ACLs, if you create a new regular file or you torrent a regular file, it will not be executable by anyone. As soon as you "chmod +x" it, it should be executable by everyone with the proper default ACL.
What kind of crash? The server goes down entirely or just transmission ?
It says that I lost connection to transmission, and all downloads stop until I reboot the server.
Alles anzeigenThe torrent daemon runs as the "debian-transmission" user. That user will need to have access to whatever directory he's trying to download to. However, when it creates files, it'll create them owned by it. I would recommend using FACLs to set this up. Let's pretend you want these files to go into "/data/torrent/downloads". I would put your friend's user into some group, I'll call it "Torrenters" and then do:
chown -R nobody:Torrenters /data/torrent/downloads
chmod -R u+rwX,g+rwX,o-rwX /data/torrent/downloads
setfacl -R -m u:debian-transmission:rwX /data/torrent/downloads
setfacl -R -m d:u:debian-transmission:rwX /data/torrent/downloads
setfacl -R -m d:g:Torrenters:rwX /data/torrent/downloads
What this does is the following:
- Set the ownership of the download directory to be owned by no user and the Torrenters group
- Set the directory to be readable (r), writable (w), and executable (X) by the owner user and groups and no one else.
- Add a File Access Control entry that gives the user (u) debian-transmission read, write, and execute on that directory.
- Add a File Access Control entry that will default (d) to giving the user (u) debian-transmission read (r), write (w), and execute (X) on any new files or directories created in that directory.
- Add a File Access Control entry that will default (d) to giving the group (g) Torrenters read (r), write (w), and execute (x) on any new files and directories created in that directory.
Note that "-R" makes it recursive, so all of the contents will receive these settings and using a capitol X instead of a lowercase x means that only those files that are already executable will be granted these new executable permissions (including directories). This is a useful way of setting execute only on those files where it's necessary. So with the default ACLs, if you create a new regular file or you torrent a regular file, it will not be executable by anyone. As soon as you "chmod +x" it, it should be executable by everyone with the proper default ACL.
Do I run this all through root? And will this still be compatible with OMV?
Yes, and I'm not sure what that means. Do you mean will the ACLs show up in the web GUI? I'm not sure. Will they work with other things that OMV does? Sure. FACLs are pretty well supported in Linux.
Yes, and I'm not sure what that means. Do you mean will the ACLs show up in the web GUI? I'm not sure. Will they work with other things that OMV does? Sure. FACLs are pretty well supported in Linux.
great thanks
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!
