Required UNIX permission for running Syncthing


(Marco Ronchese) #1

Hi!

I’m trying to setup a really basic two user Syncthing node using just one syncthing instance (FreeNAS). I am aware that there are discussion in place on how to sync permission flags, and I’m also aware that I could run multiple instances of Syncthing. My setup is really simple so I’m hoping to do it in this way.

To simplify, I have 2 “clients” (Mac/Win) and one “server”. On the server I have 3 users: user1, user2, syncthing. Not surprising is that Syncthing is running (in a jail) under the user syncthing. I created 2 folders, Sync/User1 and Sync/User2, with setgid set and owned by user1:user1group and user2:user2group respectively. The user syncthing is part of user1group and user2group. The permissions are 770 and Syncthing is set to ignore permissions.

The syncthing folders are created in Sync/User*/ folders.

In my mind this should work: Syncthing, since is in the groups user1group and user2group has full access to Sync/User*/ folders. When it creates a file, that file will be owned by syncthing, but, since setgid flag is set, the group will be set to userxgroup, hence userx can also have access (locally or via smb).

But in the real world Syncthing says: permission denied. The funny part is that if I su - syncthing I can write in the folder as expected.

What I’m doing wrong? Maybe Syncthing needs to be the owner? But why? Can the FreeBSD jail be the problem?

Thanks in advance for your help


(Jakob Borg) #2

I don’t know, it sounds like it ought to work. I recommend taking Syncthing out of the equation - open a shell as the same user, in the same jail, and explore the situation.


(Marco Ronchese) #3

Solved.

Once you confirmed me that this should work, I looked into the jail/host user mapping and I found this.

Thanks!


(system) #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.