You are not logged in.

Pages: 1

#1 2023-04-05 22:58:27

barney
Member
Registered: 2020-12-14
Posts: 130

[solved] Problems with minidlna

I have installed minidlna and configured it like stated in the Wiki page https://wiki.archlinux.org/title/ReadyM … d_starting.
I have added override.conf file in /etrc/systemd/system/minidlna.service.d/ with contents:

[Service]
ProtectHome=read-only

But I still get the permission denied error for media folders in my home folder.
I have read few posts on this forum, and other forums, about this error and everywhere adding the override file solves the problem. Not for me.

Last edited by barney (2023-04-06 19:59:05)

Offline

#2 2023-04-05 23:02:28

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,255

Re: [solved] Problems with minidlna

Did you reload the systemd daemon and restart the dlna service ?

Offline

#3 2023-04-05 23:07:49

barney
Member
Registered: 2020-12-14
Posts: 130

Re: [solved] Problems with minidlna

V1del wrote:

Did you reload the systemd daemon and restart the dlna service ?

I have reenabled the service, reload the systemd daemon and restarted the minidlna service. I have tried with reboot too.

Offline

#4 2023-04-05 23:28:02

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 25,255

Re: [solved] Problems with minidlna

FWIW generally speaking your /home folder and files you'll want to access  still need to be read accessible to "other" users if you aren't starting the daemon as your user, is that the case?

Offline

#5 2023-04-05 23:33:36

barney
Member
Registered: 2020-12-14
Posts: 130

Re: [solved] Problems with minidlna

V1del wrote:

FWIW generally speaking your /home folder and files you'll want to access  still need to be read accessible to "other" users if you aren't starting the daemon as your user, is that the case?

The rx flag is set for others on all folders and files in that folders.

Offline

#6 2023-04-06 01:49:09

barney
Member
Registered: 2020-12-14
Posts: 130

Re: [solved] Problems with minidlna

Trying to solve the problem, I have ended reading the article about Dynamic Users. There I have read this sentence:
"After all on UNIX, in order to get access to a specific path you need access to every single component of it."
After this, it was clear that minidlna must have access to my home folder. After setting the permissions of the home folder to drwx--x--x, (when using the useradd command to create user in Arch Linux, default permissions on home folder for the user are drwx------ ) minidlna have successfully read media folders.
I don't know if setting the permissions on home folder to drwx--x--x can be security issue?

Offline

#7 2023-04-06 06:53:53

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,349

Re: [solved] Problems with minidlna

This has nothing to do w/ dynamic users, 700 doesn't allow anyone but the owner to enter the directory (and w/o entering it, you can't access the files)
You may want to restrict the access to some group (own the relevant files to that group and add minidlna to that group) or use https://wiki.archlinux.org/title/Access_Control_Lists to allow access to minidlna (next to your $USER) exclusively.

Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

#8 2023-04-06 19:57:38

barney
Member
Registered: 2020-12-14
Posts: 130

Re: [solved] Problems with minidlna

This has nothing to do w/ dynamic users

I know that, I didn't know that you must have access to the parent directory in order to have access to the child directory.

You may want to restrict the access to some group

I have decided that allowing access to some group to my home folder is security risk. I will create folder outside of the home folder, give minidlna read access to that directory and transfer my multimedia files in that directory.
Thanks for your time.

Offline

#9 2023-04-06 23:13:25

barney
Member
Registered: 2020-12-14
Posts: 130

Re: [solved] Problems with minidlna

There is more elegant solution to this problem. There is no need to change permissions of the $HOME folder from 0700 to 0711. All that is needed is override file in /etc/systemd/system/minidlna.service.d/ whith this content:

[Service]
ProtectHome=tmpfs
BindReadOnlyPaths=/home/<user>/path/to/media/dir

Offline

#10 2023-04-07 05:24:37

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,349

Re: [solved] Problems with minidlna

Because you're not exporting some path in your $HOME but a bind mount to it.
https://man.archlinux.org/man/core/util … _operation

nb. that this might fail w/ eg. symlinks pointing out of that branch.

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Offline

Pages: 1

Board footer

Powered by FluxBB