[mythtv-users] Ownership of .nuv files/deleting problems
Maarten
mythtv at ultratux.org
Tue May 25 08:50:59 EDT 2004
On Tuesday 25 May 2004 13:19, Asciimonster wrote:
> I'm running mythbackend as a service, therefore the ownership of the
> .nuv it produces is root:root (with permission 644). However I'm running
> mythfrontend as a user (not root). This is no problem until I try to
> delete the recordings, that's when mythfrontend crashes/locks up. It
> can't delete then since it's not allowed to.
Several possibilities, really...
You can either start the service with su - <user> -c <command>, but then you
will have to make double sure said user has enough accessrights to the
different hardware interfaces otherwise mythbackend will crash / not
function. Like /dev/dsp* and /dev/video* and /dev/lirc and what have you...
You can also change the umask for the user root, or run everything as root,
but that can present a severe securityhole. However, one might consider this
if the Myth box is dedicated and does not really run anything else.
You could try to set the umask not globally but from within the service script
for a bit better protection, too. This might be both the easiest and a
relatively secure way to do it. Well, in fact since mythbackend is running
as root anyway, you're probably already theoretically exposed to a plethora
of securityissues without a full securityreview of all of Mythtv's code...
But then again, you're not running mythtv on a public-accessible box unless
you like to get rooted, so normally nobody cares about that.
A further possibility might be to set the video directory to a common group
(i.e.: users) and then set the mode to 2775 for that directory. I don't know
if the root user observes that mode, but you can always give it a try. hum,
no, that won't work by itself; you'd still need a umask 002 instead of 022...
So, combine this one with a umask change as described above.
Yet another possibility, but by far the most evil one IMHO: add group 'root'
to the user mythfrontend runs as. But BEWARE, you have now in practice given
full root rights to that user, since being in the group root gives you more
than enough leverage to root the box in hundreds of ways...
> I've configured cron to change the ownership changed every half hour.
Dude, that is just plain *ugly* ! ;-)
> But is there a more elegant way to solve this?
See above.
Maarten
--
Linux: Because rebooting is for adding hardware.
More information about the mythtv-users
mailing list