Hi I’m trying to change the default plex group to allusers group. It’s a LDAP group on my server. It’s a CentOS based server. I made a override file with:
systemctl edit plexmediaserver
#
# Customize Plex's config
#
# Identify this as a service override
[Service]
#
# These values are only needed if you wish to change user & group
User=plex
Group=allusers
I did a:
systemctl daemon-reload
and then started plexmediaserver again.
[root@columbia ~]# systemctl status plexmediaserver
● plexmediaserver.service - Plex Media Server
Loaded: loaded (/usr/lib/systemd/system/plexmediaserver.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/plexmediaserver.service.d
└─override.conf
Active: active (running) since Sat 2020-06-20 16:16:26 CEST; 1s ago
Process: 31147 ExecStartPre=/bin/sh -c /usr/bin/test -d "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" || /bin/mkdir -p "${PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR}" (code=exited, status=0/SUCCESS)
Main PID: 31151 (Plex Media Serv)
CGroup: /system.slice/plexmediaserver.service
├─31151 /usr/lib/plexmediaserver/Plex Media Server
├─31175 Plex Plug-in [com.plexapp.system] /usr/lib/plexmediaserver/Resources/Plug-ins-513b381af/Framework.bundle/Contents/Resources/Ve...
└─31221 /usr/lib/plexmediaserver/Plex Tuner Service /usr/lib/plexmediaserver/Resources/Tuner/Private /usr/lib/plexmediaserver/Resource...
if I do:
[root@columbia ~]# id plex
uid=988(plex) gid=1000(plex) groups=39(video),1000(plex)
It still uses to old group. Please some guidance.
Hmm, strange I can access and play the files. So it seems to work with the set permissions!
drwxrwx--- 1312 flexshare allusers 36864 Jun 16 08:59 music
Can someone explain why “id plex” still gives a GID 1000?
what do getent passwd plex and getent group plex return.
I believe you’ll find your answer here.
You’ll also want to consider: id -r plex, id -u plex, id -G plex and id -g plex
in conjunction with groups plex.
The id command, in isolation, is returning the primary UID/GID as defined in /etc/passwd; not the ancillary groups to which plex has added at start time.
Blockquote The id command, in isolation, is returning the primary UID/GID as defined in /etc/passwd; not the ancillary groups to which plex has added at start time.
Okay, clear.
[root@columbia shares]# getent group plex
plex:x:1000:
That is strange the plex group (GID 1000) is added to the LDAP groups list…
but I set “allusers” as group of plex.
#
# Customize Plex's config
#
# Identify this as a service override
[Service]
#
# These values are only needed if you wish to change user & group
User=plex
Group=allusers
If I comment out the above settings and start Plex again the media files are not accessible. If I revert the changes I made everything is working again!
Huh…
Where is the media and what are the permissions / groups assigned?
The media is located locally on the server on several drives.
drwxrwx--- 1312 flexshares allusers 36864 Jun 16 08:59 music
drwxrwx--- 28 flexshares allusers 4096 Nov 12 2019 Toto
if I activate the override.conf file then all media is accessible. Tested several times.
#
# Customize Plex's config
#
# Identify this as a service override
[Service]
#
# These values are only needed if you wish to change user & group
User=plex
Group=allusers
By those ownerships,
The user ID flexshares (a spelling error for ‘plex’ ?) owns the files.
Any user ID which is a member of allusers can Read-write-delete.
Anything else in the system has no access. ( you have 770 as permissions - which excludes “others”)
May I inquire what you’re trying to achieve?
Blockquote The user ID flexshares (a spelling error for ‘plex’ ?) owns the files.
What do you mean?
Blockquote Any user ID which is a member of allusers can Read-write-delete.
Blockquote Anything else in the system has no access. ( you have 770 as permissions - which excludes “others”)
Yes.
Blockquote May I inquire what you’re trying to achieve?
Flexshares is a app on this server. You make a flexshare and copy your files to this location. When I make a flexshare this are the default permissions:
drwxrwx--- 2 flexshares allusers 6 Jun 20 21:01 test_share
So I want make plex work with these default settings.
I can define user groups. So “allusers” could be a user defined group.
Thanks. So you’re using a third-party addon/app.
Is username plex a member of the allusers group at the Linux level – independent of the app?
Is there indeed a group allusers in /etc/group?
It a official app written by the devs of the server OS which you can install on this server.
snippet /etc/group
screen:x:84:
printadmin:x:988:
wbpriv:x:88:
flexshares:x:987:
system-mysql:x:986:
plex:x:1000:
allusers:*:63000:flexshare,marcelvanleeuwen,winadmin,guest,email-archive
guests:*:1000546:nomembers
domain_admins:*:1000512:winadmin
domain_users:*:1000513:nomembers
plex is not a member of “allusers”. If I comment out the override.conf file:
#
# Customize Plex's config
#
# Identify this as a service override
[Service]
#
# These values are only needed if you wish to change user & group
#User=plex
#Group=allusers
Then plex can’t access the media files BUT this override file is adding “plex” to “allusers”. I now realize that… do you agree?
This is getting more complicated by the minute:
- Not Centos – rather a derivative
- Clearly the UMASK defaults need correcting
The challenge here is to determine which value.
I recommend:
- Create a username in the specific UID/GID you’re going to use which isn’t a member of anything else.
- Launch a
su shell to that username to have a working shell.
- Alternate between
touch, ls -la and umask to find a default file permissions mask which is going to work. (ends up with r-x as the ending permissions)
- If that does not succeed, go into their app and change the default creation permissions. If that’s not an option ------- ???
Now, with that umask in hand, apply it back into the main application you’re using so that anything it creates is created using that umask. (You will likely need to create a service override for it to set the UMask to the desired value)
