Understanding Group privileges.

I have used Linux for several years and am familiar with account management, meaning the account management commands and the basic mechanism, though I don't use them unless I need to.

Last weekend I refactored my FreeNAS storage pools. Here is the previous structure.

root / default dataset: /mnt/v_3x2t

windows-share:
    movies
    tv
    films
    ...

bt:
    movies
    tv

timemachine:
    ...

btsync:
    sync1
    sync2
    ...

afp:
    afp1
    afp2

It looks like it is grouped by share method. Yes!

Why?

Because I was a FreeNAS beginner, and I just wanted to build some services for storing movies and playing them on a projector, desktop, and mobile phone.

So the first share service was SMB: I use Windows with virtual machines, and SMB is the easiest way. Then I set up a BT service; because there was a Windows-specific directory, I needed a BT-specific hierarchy, and the same for the other services.

Is it bad?

Not really, just a little duplicated. I have to add two movie directories in Plex, since my movie sources come from SMB and BT, and maybe AFP. If I want to limit the movie sources, I have to move files between AFP and SMB, or AFP and BT, etc.

Current State

movies:
    ...

tvs:
    ...

...

Yes, simpler than before. I moved all movies to movies and all TV shows to tvs, gathered pictures into pictures, and built a cloud sync task for pictures.

If I need to access movies from Windows, I just set up an SMB share for movies; if I need access on macOS, I just set up AFP or use SMB directly.

Not sure

I'm not sure whether to use a dedicated dataset or just a directory. If I just use directories under the root dataset, moving files will be much faster than now. If they are different datasets, it is as if they were on different disks, and moving files will be slow; within the same dataset, moves are fast.

Since some services are based on datasets, and I can set more permissions on a dataset, I think it's worth doing.

It took me several hours to move the files, because I had set up some datasets before.

Permission

I set up some jails: Rslsync, Plex, qbittorrent. I need to make sure the programs in the jails have write permission on the mount points.

There are several ways to do this; I use group write. The user group of every plugin maps to a group on the host, e.g. the host group named xshare, whose gid is 819. I created a group in every plugin and run the plugin with that group. If you want file owner names to be reasonable on the host, just create a user for every plugin, e.g. I created a user bt for the qbittorrent plugin and a user btsync for the Rslsync plugin.

AFP uses @xshare to read and write the directory, and uses a dedicated user afp_user as owner.
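
A way to check the group-write scheme described above, as an added example that is not part of the original post: a shell audit that lists entries under a shared tree that are not owned by the shared gid (819 for xshare in the post), lack group write, or are writable by everyone. The function names audit_shared_tree and count_findings are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: the shared gid is
# passed as a number (819 for xshare in the post); both function names are
# hypothetical.

# Print one line per file or directory that breaks the group-write scheme:
#   WRONG_GROUP  not owned by the shared gid, so jail users get no group access
#   NO_GROUP_W   owned by the shared gid, but the group write bit is missing
#   WORLD_W      writable by "other", which the group scheme does not need
audit_shared_tree() {
    root=$1
    gid=$2
    {
        find "$root" \( -type f -o -type d \) ! -group "$gid" |
            sed 's/^/WRONG_GROUP /'
        find "$root" \( -type f -o -type d \) -group "$gid" ! -perm -020 |
            sed 's/^/NO_GROUP_W /'
        find "$root" \( -type f -o -type d \) -perm -002 |
            sed 's/^/WORLD_W /'
    }
}

# Number of findings; 0 means every entry is owned by the shared gid,
# group-writable, and not world-writable.
count_findings() {
    audit_shared_tree "$1" "$2" | wc -l | tr -d ' '
}

# Usage on the host (dataset path is illustrative):
#   audit_shared_tree /mnt/v_3x2t/movies 819
```

Run it on the host after moving files between datasets, since moved files keep the group and mode they had at the source.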