[mythtv-users] additional drive

Thu Sep 11 13:10:26 UTC 2014

Daryl McDonald <darylangela at gmail.com> wrote:

> OK, I'm creating the directory in /media/storage2 and I chown'd it and chmod'd it, and it looks like this:
> 
> drwxrwxr-x 2 mythtv root  4096 Sep 11 08:14 mythtv
> 
> whereas in /media/storage the same directory looks like:
> 
> drwxrwxr-x 15 ntp  mythtv  4096 Sep 11 07:31 mythtv
> 
> Did I not chown it properly?

Yes you did - the old one is "not correct".

Take storage2 first. drwxrwxr-x means that it's a directory, the owner has full right, the group has full right, and everyone else has read (r) and execute(x)* rights. Then mythtv root means it's owned by mythtv (good) and group root which doesn't really matter. The key things is that mythtv user has wrx access.

storage is odd ! It has full rights (rwx) to user and group, but the user is ntp - odd. However group mythtv has access so that's OK - it'll still work fine, but I'd probably change owner to mythtv.

When it comes to privileges, it works like this (a bit simplified, but it'll do) :

Does the current effective userid match the user set for the object, and if so does that give the user sufficient rights ? For storage2, the answer is yes, for storage the answer is no.

If not, does the user have a group membership matching the group ownership of the object, and if so does that give the user sufficient rights ? For storage the answer is yes, so mythtv can use it.

Lastly, do the "other" (or world) rights give the user sufficient permissions ? In this case not relevant as a prior match was OK.

A user can be in several groups. In a business environment you might have groups for different departments - so sales people are in teh sales group and so on. But senior managers may be in several groups so that they can see files from multiple departments.

* In the context of directories, execute permission means you can search and traverse the directory. Without it, you cannot see what is in it - but I think you can still write if you have write access - in effect you have a drop box where you can place files but not see what's in there.

Daryl McDonald <darylangela at gmail.com> wrote:

> Similarly the recordings directory doesn't look the same:
> 
> drwxrwxr-x 2 mythtv root 4096 Sep 11 08:33 recordings
> 
> as compared to:
> 
> drwxrwsr-x 2 mythtv mythtv      20480 Sep 11 07:31 recordings
> 
> How do I get an "s" in there and what is it's numerical value? 5

s or S is the "sticky" bit. In this context, it simply means that regardless of the group membership of the user that creates any file, in the file system it's group ownership will be set to mythtv. Say we had two groups - sales and marketing. It might be reasonable to give sales people access to marketing files by making sales users members of the marketing group. But if a sales person puts a new file in the marketing folder, by default it would have group ownership of the users primary group - sales - and thus marketing people wouldn't be able to read it. So you'd put the sticky bit on the marketing folder so new files would be owned by the marketing group.
In this case, if you made yourself a member of the mythtv group, it means you could dabble in that folder and things you created would be owned by the mythtv group rather than your own group. The sticky bits are set by setting the initial value of the mode to 1,2, or 3 instead of 7. So 0770 gives owner and group full rights, making that 1770, 2770, or 3770 sets teh sticky bit for user and/or group. Whether you see s or S depends on whether the x attribute is also set.

> I tried creating the directories as mythtv user, but permission was denied, and with sudo, I don't know mythtv's password. Should there be more to the command "sudo chown mythtv recordings"?

If you su to root first, root can su or sudo to any user without a password.
Otherwise - set a password for mythtv. "su -" or "sudo bash" to become root, then "passwd mythtv" will allow you to set the user password. I don't think this should affect anything else as it's only the user login password - it's not AFAIK used internally by Myth.