Mailing List Archive

File permissions
mythbackend runs as user mythtv.  My normal user is a member of the
mythtv group and I have write permission on the storage directories, but
the recordings are created without group write permission.  Any time I
need to work with a recording file (like fixing decoder errors (wish
that bug would get fixed some day, but I digress)) I need to chmod g+w
on the file first.  Is there a way I can have the recordings always
created with group write permission?

Dave D.


_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: File permissions [ In reply to ]
On 11/10/2020 19:01, DaveD wrote:
> mythbackend runs as user mythtv.  My normal user is a member of the
> mythtv group and I have write permission on the storage directories, but
> the recordings are created without group write permission.  Any time I
> need to work with a recording file (like fixing decoder errors (wish
> that bug would get fixed some day, but I digress)) I need to chmod g+w
> on the file first.  Is there a way I can have the recordings always
> created with group write permission?

They are here.

Make sure that the storage directory itself has group write permission.
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: File permissions [ In reply to ]
On 10/11/20 10:08 AM, Jan Ceuleers wrote:
> On 11/10/2020 19:01, DaveD wrote:
>> mythbackend runs as user mythtv.  My normal user is a member of the
>> mythtv group and I have write permission on the storage directories, but
>> the recordings are created without group write permission.  Any time I
>> need to work with a recording file (like fixing decoder errors (wish
>> that bug would get fixed some day, but I digress)) I need to chmod g+w
>> on the file first.  Is there a way I can have the recordings always
>> created with group write permission?
> They are here.
>
> Make sure that the storage directory itself has group write permission.

Yes, they do.  If they didn't, I wouldn't be able to do the chmod to
make them group writable.

I figured that setting the default umask for the mythbackend process to
0002 (instead of the default 0022) would fix it, but no luck
(systemd-analyze dump shows umask=0002 but new recordings are still
-rw-r--r--).  Is there a setting in the config somewhere?

Dave D.



_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: File permissions [ In reply to ]
On Sun, Oct 11, 2020 at 12:06 PM DaveD <mythtv@guiplot.com> wrote:

> mythbackend runs as user mythtv. My normal user is a member of the
> mythtv group and I have write permission on the storage directories, but
> the recordings are created without group write permission. Any time I
> need to work with a recording file (like fixing decoder errors (wish
> that bug would get fixed some day, but I digress)) I need to chmod g+w
> on the file first. Is there a way I can have the recordings always
> created with group write permission?
>
> Dave D.


You can always turn on the setgid bit on the directory as well.

chmod g+s <storageGroupDirectory>

>
>
Re: File permissions [ In reply to ]
On 10/11/20 11:34 AM, Greg Oliver wrote:
On Sun, Oct 11, 2020 at 12:06 PM DaveD <mythtv@guiplot.com> wrote:
mythbackend runs as user mythtv.  My normal user is a member of the
mythtv group and I have write permission on the storage directories, but
the recordings are created without group write permission.  Any time I
need to work with a recording file (like fixing decoder errors (wish
that bug would get fixed some day, but I digress)) I need to chmod g+w
on the file first.  Is there a way I can have the recordings always
created with group write permission?

Dave D.

You can always turn on the setgid bit on the directory as well.
chmod g+s <storageGroupDirectory>


That assures new files are members of the same group as the directory, which they are (mythtv).  That does NOT give group write permission to the file so I still have to chmod it (g+w) before I can write to it.  Another thing I just tried was

setfacl -dm group:mythtv:rwx <storageGroupDirectory>

but even that didn't work.  It's as if mythbackend is specifically setting the mode.  I've worked around it with a cron job that runs every night as root just before my "fix decoder errors" to chmod g+w on all files in the recordings directories, but that seems like such a hack and new files aren't "fixed" until the next cron job runs.  I've spent WAY too much time on this.  On to other things...


Dave D.
Re: File permissions [ In reply to ]
On Sun, Oct 11, 2020 at 1:51 PM DaveD <mythtv@guiplot.com> wrote:

> On 10/11/20 11:34 AM, Greg Oliver wrote:
>
> On Sun, Oct 11, 2020 at 12:06 PM DaveD <mythtv@guiplot.com> wrote:
>
>> mythbackend runs as user mythtv. My normal user is a member of the
>> mythtv group and I have write permission on the storage directories, but
>> the recordings are created without group write permission. Any time I
>> need to work with a recording file (like fixing decoder errors (wish
>> that bug would get fixed some day, but I digress)) I need to chmod g+w
>> on the file first. Is there a way I can have the recordings always
>> created with group write permission?
>>
>> Dave D.
>
>
> You can always turn on the setgid bit on the directory as well.
>
> chmod g+s <storageGroupDirectory>
>
> That assures new files are members of the same group as the directory,
> which they are (mythtv). That does NOT give group write permission to the
> file so I still have to chmod it (g+w) before I can write to it. Another
> thing I just tried was
>
> setfacl -dm group:mythtv:rwx <storageGroupDirectory>
>
> but even that didn't work. It's as if mythbackend is specifically setting
> the mode. I've worked around it with a cron job that runs every night as
> root just before my "fix decoder errors" to chmod g+w on all files in the
> recordings directories, but that seems like such a hack and new files
> aren't "fixed" until the next cron job runs. I've spent WAY too much time
> on this. On to other things...
>
> Dave D.
>

Are you using systemd to manage the mythbackend process? If so take a look
at:
https://www.freedesktop.org/software/systemd/man/systemd.exec.html#UMask=

John
Re: File permissions [ In reply to ]
On 10/11/20 1:03 PM, John P Poet wrote:


On Sun, Oct 11, 2020 at 1:51 PM DaveD <mythtv@guiplot.com> wrote:
On 10/11/20 11:34 AM, Greg Oliver wrote:
On Sun, Oct 11, 2020 at 12:06 PM DaveD <mythtv@guiplot.com> wrote:
mythbackend runs as user mythtv.  My normal user is a member of the
mythtv group and I have write permission on the storage directories, but
the recordings are created without group write permission.  Any time I
need to work with a recording file (like fixing decoder errors (wish
that bug would get fixed some day, but I digress)) I need to chmod g+w
on the file first.  Is there a way I can have the recordings always
created with group write permission?

Dave D.

You can always turn on the setgid bit on the directory as well.
chmod g+s <storageGroupDirectory>


That assures new files are members of the same group as the directory, which they are (mythtv).  That does NOT give group write permission to the file so I still have to chmod it (g+w) before I can write to it.  Another thing I just tried was

setfacl -dm group:mythtv:rwx <storageGroupDirectory>

but even that didn't work.  It's as if mythbackend is specifically setting the mode.  I've worked around it with a cron job that runs every night as root just before my "fix decoder errors" to chmod g+w on all files in the recordings directories, but that seems like such a hack and new files aren't "fixed" until the next cron job runs.  I've spent WAY too much time on this.  On to other things...


Dave D.

Are you using systemd to manage the mythbackend process? If so take a look at: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#UMask="]https://www.freedesktop.org/software/systemd/man/systemd.exec.html#UMask=
John


Yea, thanks for posting that but already been there.  Verified with systemd-analyze dump that new umask is set, tried systemctl daemon-reload and restarted mythbackend, no change.  Thanks again,

Dave D.
Re: File permissions [ In reply to ]
On Sun, 11 Oct 2020 11:32:22 -0700, you wrote:

>On 10/11/20 10:08 AM, Jan Ceuleers wrote:
>> On 11/10/2020 19:01, DaveD wrote:
>>> mythbackend runs as user mythtv.? My normal user is a member of the
>>> mythtv group and I have write permission on the storage directories, but
>>> the recordings are created without group write permission.? Any time I
>>> need to work with a recording file (like fixing decoder errors (wish
>>> that bug would get fixed some day, but I digress)) I need to chmod g+w
>>> on the file first.? Is there a way I can have the recordings always
>>> created with group write permission?
>> They are here.
>>
>> Make sure that the storage directory itself has group write permission.
>
>Yes, they do.? If they didn't, I wouldn't be able to do the chmod to
>make them group writable.
>
>I figured that setting the default umask for the mythbackend process to
>0002 (instead of the default 0022) would fix it, but no luck
>(systemd-analyze dump shows umask=0002 but new recordings are still
>-rw-r--r--).? Is there a setting in the config somewhere?
>
>Dave D.

Isn't there also a problem if any of the directories above the storage
directory do not have the group write permission? And possibly also
group x?

Anyway, I know that at one time I used to have problems with
permissions on the recordings, but after I just did chmod a=rwx to the
directories they all went away. So my /mnt and /mnt/rec* directories
are all set to a=rwx and owned by root. I know, that basically
completely turns off all security. But since I am the only person on
my network they are only TV recordings, I find that is the best
solution for me as I really hate permissions problems. It is my
machine - it should work for me, not against me!
_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org
Re: File permissions [ In reply to ]
On 10/11/20 4:35 PM, DaveD wrote:
>
> Yea, thanks for posting that but already been there.  Verified with
> systemd-analyze dump that new umask is set, tried systemctl
> daemon-reload and restarted mythbackend, no change.  Thanks again,
>
> Dave D.
>
>
I always use umask 0002 and I see that the recordings are -rw-r--r-- and
the preview images are -rw-rw-rw-. Neither conforms to the umask, so I
suspect something in MythTV is causing the umask to be ignored and other
permissions to be set.

Peter


_______________________________________________
mythtv-users mailing list
mythtv-users@mythtv.org
http://lists.mythtv.org/mailman/listinfo/mythtv-users
http://wiki.mythtv.org/Mailing_List_etiquette
MythTV Forums: https://forum.mythtv.org