2024-05-19, 09:10 PM
After many days of trying different things I am unable to get Jellyfin to read my movie dataset when the owner and group change to the desired owner and group although the permissions to my knowledge are correct. The setup is as follows.
Credentials
group created: media
- users in group: www-data, apps
Datasets
Pool Name: Pool 2
Dataset Name: Jelly
my movies are in the following path: \mnt\Pool 2\Jelly\BoxOffice
Details for Jelly Dataset
- Owner: apps
- Group: apps
- POSIX Permissions
User Obj – apps / Read | Wite | Execute
oe
If I go in to the dataset and apply owner / group and set all the permissions above recursively everything works perfectly. The problem comes in when I perform an rsync from another server. When I do this, it will change the permissions on purpose to match the system it is coming from. This changes the owner and group of the files to www-data:www-data as I show below. Technically when I do this it should still work because the dataset has the "media" group permissions assigned in the ACL ( see above has www-data in it ). I don't know why jellyfin is not able to read even if the permissions are set ( unless I am missing something). Yes I have stopped and started Jellyfin multiple times and yes I have even rebooted the NAS and nothing seems to work. I miagine I am missing some key thing but I have not been able to pinpoint it researching on forums and youtube.
Before I perform my rsync it works but I do not want the files to remain owned by apps so while it works, it wont work for me. Here is the getfacl details.
root@truenas[/mnt/Pool 2]# getfacl /mnt/Pool\ 2/Jelly
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
root@truenas[/mnt/Pool 2]# getfacl /mnt/Pool\ 2/Jelly/BoxOffice
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly/BoxOffice
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
After my rsync, this is what the getfacl looks like. and at this point I am unable to scan the directory as Jellyfin loses all its access to the files and makes me very unhappy in the process. notice that only the BoxOffice permissions change owner and group but all else seems to remain the same. media should have permissions but Jellyfin seems to ignore them.
root@truenas[~]# getfacl /mnt/Pool\ 2/Jelly
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
root@truenas[~]# getfacl /mnt/Pool\ 2/Jelly/BoxOffice
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly/BoxOffice
# owner: www-data
# group: www-data
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
in case it helps this is the rsync command I am using.
rsync -auzvP --delete -e "ssh -p22" "/path/to/files" "XXXXX@###.###.###.###mnt/Pool 2/Jelly"
Credentials
group created: media
- users in group: www-data, apps
Datasets
Pool Name: Pool 2
Dataset Name: Jelly
my movies are in the following path: \mnt\Pool 2\Jelly\BoxOffice
Details for Jelly Dataset
- Owner: apps
- Group: apps
- POSIX Permissions
User Obj – apps / Read | Wite | Execute
Read | Write | Execute
Group Obj – apps / Read | Wite | ExecuteRead | Write | Execute
Group – media / Read | Wite | ExecuteRead | Write | Execute
Mask / Read | Wite | ExecuteRead | Write | Execute
Other / NoneNone
User Obj – default – apps / Read | Wite | ExecuteRead | Write | Execute
Group Obj – default – apps / Read | Wite | ExecuteRead | Write | Execute
Group – default – media / Read | Wite | ExecuteRead | Write | Execute
Mask – default / Read | Wite | ExecuteRead | Write | Execute
Other – default / Noneoe
If I go in to the dataset and apply owner / group and set all the permissions above recursively everything works perfectly. The problem comes in when I perform an rsync from another server. When I do this, it will change the permissions on purpose to match the system it is coming from. This changes the owner and group of the files to www-data:www-data as I show below. Technically when I do this it should still work because the dataset has the "media" group permissions assigned in the ACL ( see above has www-data in it ). I don't know why jellyfin is not able to read even if the permissions are set ( unless I am missing something). Yes I have stopped and started Jellyfin multiple times and yes I have even rebooted the NAS and nothing seems to work. I miagine I am missing some key thing but I have not been able to pinpoint it researching on forums and youtube.
Before I perform my rsync it works but I do not want the files to remain owned by apps so while it works, it wont work for me. Here is the getfacl details.
root@truenas[/mnt/Pool 2]# getfacl /mnt/Pool\ 2/Jelly
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
root@truenas[/mnt/Pool 2]# getfacl /mnt/Pool\ 2/Jelly/BoxOffice
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly/BoxOffice
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
After my rsync, this is what the getfacl looks like. and at this point I am unable to scan the directory as Jellyfin loses all its access to the files and makes me very unhappy in the process. notice that only the BoxOffice permissions change owner and group but all else seems to remain the same. media should have permissions but Jellyfin seems to ignore them.
root@truenas[~]# getfacl /mnt/Pool\ 2/Jelly
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly
# owner: apps
# group: apps
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
root@truenas[~]# getfacl /mnt/Pool\ 2/Jelly/BoxOffice
getfacl: Removing leading '/' from absolute path names
# file: mnt/Pool 2/Jelly/BoxOffice
# owner: www-data
# group: www-data
user::rwx
group::rwx
group:media:rwx
mask::rwx
other::---
default:user::rwx
default:group::rwx
default:group:media:rwx
default:mask::rwx
defaultther::---
in case it helps this is the rsync command I am using.
rsync -auzvP --delete -e "ssh -p22" "/path/to/files" "XXXXX@###.###.###.###mnt/Pool 2/Jelly"