Choose Ubuntu User for Emby to run as?

[halfrican 0]

when i did the initial install from terminal i was asked to select a user at which time i chose my preference.  however, after install i found that emby is running as user "emby" regardless of my choice during setup.  

 

I am having periodic permission issues which I believe directly relate to emby not running under a user that has access to all of my shares.

 

Is there a way to change the user emby is running as without having to start over with the installation from scratch?

 

Sorry if this has been asked before, I searched but didn't see any exact scenario.

 

Thanks in advance!

 

Mark

 

PS. installed on ubuntu 14.04.3

 

[Wurlitzer_ 1]

Adding the emby user to the group that has access to the media folder works.

$ sudo usermod -a -G unix_user emby

Reboot or restart emby-server.

 

 

EDIT: Sorry - this is not the right solution. Folders with permissions 755 won't be accessible by emby obviously. I reinstalled emby, and it clearly asks during installation what user to run it with. However, it still runs as user emby after installation. 

 

Additionally chmoding media folder to 775 should fix this, but only as a workaround.

Edited December 10, 2015 by Wurlitzer_

[nicheplayer 8]

We were having a similar issue. Check this out; maybe it'll help?

[hurricanehrndz 149]

when i did the initial install from terminal i was asked to select a user at which time i chose my preference.  however, after install i found that emby is running as user "emby" regardless of my choice during setup.  

 

I am having periodic permission issues which I believe directly relate to emby not running under a user that has access to all of my shares.

 

Is there a way to change the user emby is running as without having to start over with the installation from scratch?

 

Sorry if this has been asked before, I searched but didn't see any exact scenario.

 

Thanks in advance!

 

Mark

 

PS. installed on ubuntu 14.04.3

Yes, please look at the conf file "/etc/emby-server.conf"

[elmerF 1]

Good morning. Decided to give Emby's a spin, especially since it supports Linux, and in my case Ubuntu.  So, I installed it on Lubuntu 17.10.  Installed nicely!  Started setup, and it allowed me to see the public folders on my WD NAS using the the format 192.168.x.xxx/Public/Movies.  Nice! Then I tried to link to an attached USB drive with an NTFS harddrive.  Lubuntu sees this drive just fine, Emby decided it didn't have read access. Read this post (and several other posts) concerning Linux installs, external hard drives, and permissions problems mostly blamed on ntfs. Well okay, I just reformat the drive to fat32, that ought to cure the problem, right?  Well no. Same problem. The media mount folder is owned by root:root.  Alright let's just change that to emby:emby, or user:user.  No can do, even as su.  Apparently it's an immutable (?) so you have to use chattr -i. Nope, that doesn't work either - probably because it's DOS?  Reinstalled the entire OS and started again, this time with an ext4 external drive. Now, using chattr -i, I can stop this immutable problem and set the device as user:user.  Now I can set ownership on all folders/files to 777 (worry about security later).  Start Emby, and it still cannot see the drive (can't get past /media/user/).  Okay, I'll change it to emby:emby (and again you must chmod 777). We can play this game all day!

 

Whew! That apparently works.

 

I'm sure I broke every Linux security rule on the books, and no, I'm not going to open my firewall for external access. Anyway, thanks for trying to tackle Linux, but something more needs to be done here I think. but hey, I'm just a novice.

Edited January 7, 2018 by elmerF

[Luke 37095]

hi @@elmerF, what do you think needs to be done?

[dcrdev 251]

Good morning. Decided to give Emby's a spin, especially since it supports Linux, and in my case Ubuntu.  So, I installed it on Lubuntu 17.10.  Installed nicely!  Started setup, and it allowed me to see the public folders on my WD NAS using the the format 192.168.x.xxx/Public/Movies.  Nice! Then I tried to link to an attached USB drive with an NTFS harddrive.  Lubuntu sees this drive just fine, Emby decided it didn't have read access. Read this post (and several other posts) concerning Linux installs, external hard drives, and permissions problems mostly blamed on ntfs. Well okay, I just reformat the drive to fat32, that ought to cure the problem, right?  Well no. Same problem. The media mount folder is owned by root:root.  Alright let's just change that to emby:emby, or user:user.  No can do, even as su.  Apparently it's an immutable (?) so you have to use chattr -i. Nope, that doesn't work either - probably because it's DOS?  Reinstalled the entire OS and started again, this time with an ext4 external drive. Now, using chattr -i, I can stop this immutable problem and set the device as user:user.  Now I can set ownership on all folders/files to 777 (worry about security later).  Start Emby, and it still cannot see the drive (can't get past /media/user/).  Okay, I'll change it to emby:emby (and again you must chmod 777). We can play this game all day!

 

Whew! That apparently works.

 

I'm sure I broke every Linux security rule on the books, and no, I'm not going to open my firewall for external access. Anyway, thanks for trying to tackle Linux, but something more needs to be done here I think. but hey, I'm just a novice.

 

You're relying on gvfs to automount the drive i.e. the desktop environment -

 

When you do that udisks get's triggered and it applies special acls that make the folder only accessible from the user account that was active at the time the drive was mounted. You're not supposed to change the permissions on drives mounted this way by design.

 

I've seen several users now making this oversight... 

 

You need to mount the drive another way preferably fstab - if your concerned about being able to attach/detach the drive at will, you turn the mount into a systemd automount so that the drive will unmount if it's disconnected and remount when it is. To do that you can add these parameters to fstab:

noauto,x-systemd.automount,x-systemd.device-timeout=10

Additionally DOS filesystems don't support Unix permissions, but you can fake it by mounting with the following parameter:

permissions

^ Any permissions you set won't carry over to another system though.

 

Also it goes without saying that you should not make anything world read,write,execute!

 

hi @@elmerF, what do you think needs to be done?

 

I think you should make it more prominent in the documentation that you can't use the built in auto mounting functionality of desktop environments. Some* of your competitors *cough* make this very prominently featured in their getting started guide.

Edited January 7, 2018 by dcrdev

[elmerF 1]

hi @elmerF, what do you think needs to be done?

Before anything is changed, userMe can do anything to the files on that automounted external drive that I want, which must mean (again I am not a Linux guru) that userMe must have some type of group permissions that allows that behavior.  So, I would think that emby needs to be seen as a user and needs to have the proper group permissions. Root is allowing userMe to access the drive.  Not sure how, because again, I'm pretty much a novice.  If that approach doesn't pan out then I agree with dcdev - create a detailed document on properly installing an external drive, because this is always going something commonly done due to the storage requirements for video files.

[dcrdev 251]

hi @[member="elmerF"], what do you think needs to be done?

Before anything is changed, userMe can do anything to the files on that automounted external drive that I want, which must mean (again I am not a Linux guru) that userMe must have some type of group permissions that allows that behavior.  So, I would think that emby needs to be seen as a user and needs to have the proper group permissions. Root is allowing userMe to access the drive.  Not sure how, because again, I'm pretty much a novice.  If that approach doesn't pan out then I agree with dcdev - create a detailed document on properly installing an external drive, because this is always going something commonly done due to the storage requirements for video files.

 

 

Nothing needs to change on Emby's side except more prominent docs - there isn't anything that Emby could do differently, it's bound by how posix permissions work.

 

Do what I said above and then per your requirements to have a group that can access your media, read my post here: https://emby.media/community/index.php?/topic/27321-getting-folder-permissions-right-once-and-for-all/&do=findComment&comment=497312

 

^ When you understand that... here's a script that's going to do exactly what you want:

#!/bin/bash
# --------------------------------------------------
# Usage: script.sh <username> <group> <path>
# --------------------------------------------------

declare -r USERNAME="$1"
declare -r GROUP="$2"
declare -r MEDIA_DIRECTORY="$3"

function tests {

    local thisScript=`basename "$0"`

    # Check for arguments
    if [ -z "$USERNAME" ] || [ -z "$GROUP" ] || [ -z "$MEDIA_DIRECTORY" ]; then
        echo "Usage: $thisScript <username> <group> <directory>"
        exit 1
    fi

    # Does the user exist?
    if ! id "$USERNAME" >/dev/null 2>&1; then
        echo "The user $USERNAME does not exist!"
        exit 1
    fi

    # Does the group exist?
    if [ ! `getent group "$GROUP"` ]; then
        echo "The group $GROUP does not exist!"
        exit 1
    fi

    # Does the path exist?
    if [ ! -d "$MEDIA_DIRECTORY" ]; then
        echo "The path $MEDIA_DIRECTORY does not exist!"
        exit 1
    fi

    # Am I root?
    if [ "$(id -u)" != "0" ]; then
        echo "This script must be run as root!"
        echo "Trying sudo..."
        sudo sh "$0" "$USERNAME" "$GROUP" "$MEDIA_DIRECTORY"
        exit $?
    fi

}

function cleanup {

    # Cleanup any leftover acls / execute bits
    chmod -R a-x "$MEDIA_DIRECTORY"
    setfacl -R -bn "$MEDIA_DIRECTORY"

}

function ownership {

    # Set ownership and set gid
    chown -R "$USERNAME":"$GROUP" "$MEDIA_DIRECTORY"
    chmod -R g+s "$MEDIA_DIRECTORY"

}

function permissions {

    # Set conservative permissions
    chmod -R u+rwX "$MEDIA_DIRECTORY"
    chmod -R g+rwX "$MEDIA_DIRECTORY"
    chmod -R o+rX "$MEDIA_DIRECTORY"

}

function acls {

    # Enforce default permissions via acls
    setfacl -R -d -m u::rwX "$MEDIA_DIRECTORY"
    setfacl -R -d -m g::rwX "$MEDIA_DIRECTORY"
    setfacl -R -d -m o::r-X "$MEDIA_DIRECTORY"

}

tests && \
sleep 0.5 && \

cleanup >/dev/null 2>&1 && \
sleep 0.5 && \

ownership >/dev/null 2>&1 && \
sleep 0.5 && \

permissions >/dev/null 2>&1 && \
sleep 0.5 && \

acls >/dev/null 2>&1 && \
echo "Done."