Sorry if this is the wrong place, it’s a Linux question but it’s come about whilst trying to build my arr-Plex stack.

So, Linux (Debian) user accounts; What is best practice for running applications as their own UID? Why should I do that? and how can I avoid file permission errors.

I see advice such as “create a new system account called radar/sonarr/Plex”. So I do that, and then find all my downloads are owned by qbittorrent user and it doesn’t have permission to move them into my Plex library and Plex can’t view them either.

All seems overcomplicated. Why can’t I just run everything all with username ‘Plex’?

  • Chewy
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    2
    ·
    edit-2
    8 months ago

    Running everything under a single user is possible, but it also means an issue with a single app could wipe everything. It’s better practice to add each user to a media group, and set *arr and qbittorrent to use this group and allow write permissions for users in the same group (e.g. 775 instead of 755). This means all users (plex, qbit, *arr) in the group media can access and modify files owned by media (or use the GID).

      • Chewy
        link
        fedilink
        English
        arrow-up
        2
        ·
        8 months ago

        You’re right, media could still be wiped. Other data owned by users would be protected (e.g. configs).

    • cerulean_blue@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      That makes sense. Thank you so much. That is a question that has caused me issues for a long time. Now I understand it.