NZBget/SABnzb - Storage premissions delte or rename files not allowed

Chris007 · Jan 11th 2022

::ENG::

Hello dear OMV friends,

I currently have the following problem: if I install NZBget or SABnzb via Portainer as a Docker container, both work as far as possible, but I have no authorization to delete, move or rename data in the download folder.

As PUID = OpenMediaVault Admin and PGID = User

I've tried other IDs too. But the users created in OMV are not displayed at all when querying the SSH terminal "id $ user".

The "/ config" folder of the respective container has a portainer volume and the download folder is located in a folder released in OMV (also called SAMBA) on one of the two NAS HDDs.

My hardware:

OMV Version: 5.6.23-1 (Usul)

CPU: Intel Celeron J4105 @ 1.50GHz

RMA: 16GB DDR4 SODIMM

OMV SSD: 128GB SATA m.2 <-- only OMV & Docker Data

Storage NAS Drives: 2x 4TB WD Red

Kernel: Linux 5.10.0-0.bpo.8-amd64

Docker: 5: 10/20/12 ~ 3-0 ~ debian-buster

Portainer: 2.11.0

_________________________________________________________________________________________________

::DE::

Hallo liebe OMV Freunde,

ich habe aktuell folgendes Problem: wenn ich NZBget oder SABnzb via Portainer als Docker Container installiere funktioniert beides soweit einwandfrei aber ich habe keine Berechtigung im Download Ordner Daten zu löschen, verschieben oder umzubenennen.

Als PUID = OpenMediaVault Admin und PGID = User

Ich habe auch schon andere IDs versucht. Aber die in OMV angelegten Benutzer werden bei der SSH Terminal abfragen "id $user" gar nicht angezeigt.

Der "/config" Ordner der jeweiligen Container hat ein einges Portainer Volume und der Download Ordner befindet sich auf einem in OMV Freigegebenen (auch als SAMBA) Ordner auf einer der beiden NAS HDDs.

Meine Hardware:

OMV Version: 5.6.23-1 (Usul)

CPU: Intel Celeron J4105 @ 1.50GHz

RMA: 16GB DDR4 SODIMM

OMV SSD: 128GB SATA m.2 <-- nur für OMV & Docker

Storage NAS Drives: 2x 4TB WD Red

Kernel: Linux 5.10.0-0.bpo.8-amd64

Docker: 5:20.10.12~3-0~debian-buster

Portainer: 2.11.0

chente · Jan 11th 2022

You shouldn't use admin on a container unless absolutely necessary. Take a look at this.

[How to] Prepare OMV to install docker applications

Zoki · Jan 11th 2022

What permissions does the download folder have?

If you change the PUID (and you will have to), you will most likely have to change the permissions inside the named volume too.

Chris007 · Jan 11th 2022

Zoki i changed the PUID, but nothing works.

The Download Folder has the premissions form OMV Admin, this is the PUID in the Docker Container.

gderf · Jan 11th 2022

When are you going to post the complete set of things you put into Portainer to create this container? You should be working from the documentation available for the docker image you are using that shows suggested sample docker run, docker compose, docker create or stack files. All of these sample files need to be corrected to agree with your exact use case. They can not be used as is. Simply put, there are no mind readers here and prying this information out of users looking for help one piece at a time is not helpful, delays you from arriving at a solution, and discourages those who could help you from actually helping you.

By far, the most commonly seen problem with dockers revolves around a mismatch between the user:group (PUID:PGID) the container runs as and the ownership and permissions on the files and folders it needs to operate on. This will bite you every single time. <- It is impossible to overemphasize this.

As already stated, using the OMV Admin PUID=998 to run containers is a mistake. I don't know where this idea came from originally, but it is constantly being rediscovered and applied.

Chris007 · Jan 14th 2022

THX for this Information.

But it is a premission problem, i ask for an solution for the folder premissions.

As far as I understand, the container owner is also the one who has the rights to the data. So the OMVAdmin would also be legally able to delete the data created by the container.

If that's wrong, who would be the right user so that the normal user can then also delete the data on the data carriers? My Main User (Chris) is in OMV also in the OVMAdmin Group.

But here is the data for creating the container:

Code

version: "2.1"
services:
  nzbget:
    image: lscr.io/linuxserver/nzbget
    container_name: nzbget
    environment:
      - PUID=997 <-- OMVAdmin
      - PGID=100
      - TZ=Europe/Berlin
    volumes:
      - "A Container Volume":/config
      - /my_harddiskdrive/:/downloads
    ports:
      - 6789:6789
    restart: unless-stopped

Display More

Zoki · Jan 14th 2022

post stat /my_harddiskdrive

and ls -l /my_harddiskdrive/

You are mixing up user and gtoup of a file and file permissions.

And you do not seem to care for security :-

Soma · Jan 14th 2022

If you feel safe to open your server to the outside world with a user access than can cripple ALL your DATA, then continue as you are.

If not, then remove your user from those groups, chown the folders to the user you need to run (id 1000 or bigger, gid can be 100)

chown recursively to 1000:100 and relaunch the YML.

Done

Chris007 · Jan 14th 2022

THX Soma,

the Server is only in local network at home, no remote access and so on.

The idea with chown, i will try it later.

Soma · Jan 14th 2022

Quote from Chris007

the Server is only in local network at home, no remote access and so on

So, why do you need a nzbget client?!?

Zoki · Jan 14th 2022

you will get the uid of the user to use by id the_user_name.

hazel1 · Feb 7th 2022

Hi! If you are using Mac or Windows try Long Path Tool. It is very helpful in such issues.

NZBget/SABnzb - Storage premissions delte or rename files not allowed

Participate now!

Tags