On Tue, Sep 30, 2008 at 03:05:58AM +0100, Penguin Lover Stroller squawked: > I'm a little unclear as to how these permissions have been applied - > shouldn't it be based either on the permissions of the mount-point > directory, or added as an "-o users,umask=000" in /etc/fstab ?
umask only applies to file systems with no intrinsic permission settings, e.g. VFAT. The permissions for file systems with permission bits are set in the file system itself. Which is why before and after mounting the mount point may have different permission listings. In otherwords, chmod/chown/chgrp applied to the mount point with nothing mounted will change the mount point's listing when nothing is mounted, and chmod/chown/chgrp applied to the mount point after mounting will change the permissions of the actual file system. > > However I'm posting to solicit suggestions on the best permissions > practices for this purpose. mediatomb shouldn't need write access to these > files or folders at all - there's no option on the UPnP client, for > instance, to delete files from the server. Should I make the drives owned > by "users" and in the "mediatomb" group, with read-only access for the > latter? Any other suggestions? > What's so secret in your media folders that you can't just give read access to mediatomb? Why don't you have it like you have now with regards tot he owner and group and just give read permission to other? owner root group users umask 002 (i.e. you will have rwxrwxr-x or rw-rw-r-- ?) To do any fancier (say, files owned by root, read-write access for all users and read access only for mediatomb and no access for everyone else) you will probably need a real ACL with which I can offer no suggestions. W -- When coal was first discovered, there was a large black market. Sortir en Pantoufles: up 662 days, 12:48
