User "guest" not in group "everyone"?

Discussion on setting up QNAP NAS products.
Post Reply
Jim DeLaHunt
Starting out
Posts: 35
Joined: Tue Apr 06, 2010 1:41 pm

User "guest" not in group "everyone"?

Post by Jim DeLaHunt » Mon Apr 19, 2010 9:31 am

Hi, I'm setting up my TS-219P, and I've just upgraded it to firmware 3.2.5 build 0409T.

There is a user-group "everyone", which includes all the users on my system except for users "httpdusr" and "guest". Is it intentional that these two be left out?

I'm setting up my music-playing system. The Firefly software supplied by QNAP runs as user "guest". My 85GB of existing music is mostly owned by my user, and the group "everyone", with permissions "-rwxrw----". That is, for most files, group "everyone" can read and write the music files, but any user outside of "anyone" cannot even read the music files.

Since user "guest" isn't in group "everyone", the music player can't see most of my music files. This seems like the wrong result.

I can certainly create a new user for the purpose of playing music. This user will be added to group "everyone". I can run the music player as this user. Or, I could change permissions on my music files so that the world can read music files. Or, I could add user "guest" to group "everyone". The admin interface doesn't let me do this, but I could probably edit /etc/group. Any advice on which option to choose?

Q1. Is it intentional that user "guest" and user "httpdusr" be left out of group "everyone"?

Q2. Am I well advised to create a user with the purpose of playing music files, and set up permissions so that all music files are in a group with this user?

Q3. Are there bad consequences of making all my music files world-readable?

Thanks in advance for any advice.

--Jim DeLaHunt, Vancouver, Canada. Multilingual Joomla & Drupal website consultant.
Jim DeLaHunt, multilingual websites consultant, Vancouver, Canada. User Jim_DeLaHunt on wiki.qnap.com.
My QNAP device: TS-219P, firmware 4.3.3.1252 Build 20200409, 3TB + 1TB Western Digital disks as a backup container.
Also: a FreeNAS Mini E with 4 x 6TB Western Digital Red disks and a ZFS filesystem.

User avatar
schumaku
Guru
Posts: 43664
Joined: Mon Jan 21, 2008 4:41 pm
Location: Kloten (Zurich), Switzerland -- Skype: schumaku
Contact:

Re: User "guest" not in group "everyone"?

Post by schumaku » Tue Apr 20, 2010 4:54 pm

Jim DeLaHunt wrote:Q1. Is it intentional that user "guest" and user "httpdusr" be left out of group "everyone"?
Basic security considerations - we do not want any files being potentially made available e.g. over the httpd, ftpd, ... or similar.

Jim DeLaHunt wrote:Q2. Am I well advised to create a user with the purpose of playing music files, and set up permissions so that all music files are in a group with this user?
Certainly a valid consideration - but not very user friendly need to map different shares with different users. Unhandy to maintain - any potential modifications to the startup script will be lost with following firmware updates.

Jim DeLaHunt wrote:Q3. Are there bad consequences of making all my music files world-readable?
Not speaking hard-core security - this is the way to go.

Some background: Still the majority of QNAP users work with Windows File Sharing (SAMBA) - the default Unix file protection is (ab-) used for mapping some Windows bits - and the access to all these files is "world" open. Thus, the standard config works for most.

The "nice" way to protect the media files in a better way were ACL - Access Control Lists - but this feature is not available on the QNAP NAS.

-Kurt.

Post Reply

Return to “Turbo Station Installation & Setup”