I've gotten some great help in this forum so far with setting up my first Proxmox box and dealing with a few configuration issues. I've got most of them sorted out and I want to make sure that I am doing this correctly as far as users and permissions go.
My setup is Proxmox installed on a USB drive with an attached ZFS pool that has datasets for everything Proxmox needs (VMs, ISOs, backup etc) and a data set for shared media, as well as other datasets for things like backups.
Coming from FreeNAS I can set all the permissions (recursively with a simple checkbox) for users and groups as well as configure various sharing and services. FreeNAS made it easy to fix permissions in the GUI so I want to make sure I am setting my new VMs and users correctly. I also want to import my exist FreeNAS created ZFS pool and make sure the permissions are ok.
The main concern revolves around a "Media" dataset on the zpool. zpool/media lets say.
I have a LXC that runs Plex and mounts the zpool/media locally to access the files and serve them.
I have another LXC that runs Deluge that mounts zpool/media to write to the dataset
And I have another LXC that runs SAMBA server, mounts zpool/media (and others) and shares them via SMB with it's own config and permissions.
In FreeNAS I currently have 3 users, UserA, UserB, and a freenas user.
Everyone belongs to the group "home"
freenas user is set as the default user for guest access to the zpool/media share
UserA can access specific shares that UserB cannot and vice versa. Both can access zpool/media as registered users.
So the zpool/media dataset has it's own permissions already. Now at least 3 different Proxmox guest LXCs will be reading/writing from it as well as SMB clients.
When I set up the LXCs I created a new user, created a home group, added that user to the home group, and granted them sudo privileges in visudo and that is the user I use to ssh in and do everything on these LXCs.
Is their a "right" way to handle these permissions/users/groups for LXCs that will be accessing the same set of data from the Proxmox host?
My setup is Proxmox installed on a USB drive with an attached ZFS pool that has datasets for everything Proxmox needs (VMs, ISOs, backup etc) and a data set for shared media, as well as other datasets for things like backups.
Coming from FreeNAS I can set all the permissions (recursively with a simple checkbox) for users and groups as well as configure various sharing and services. FreeNAS made it easy to fix permissions in the GUI so I want to make sure I am setting my new VMs and users correctly. I also want to import my exist FreeNAS created ZFS pool and make sure the permissions are ok.
The main concern revolves around a "Media" dataset on the zpool. zpool/media lets say.
I have a LXC that runs Plex and mounts the zpool/media locally to access the files and serve them.
I have another LXC that runs Deluge that mounts zpool/media to write to the dataset
And I have another LXC that runs SAMBA server, mounts zpool/media (and others) and shares them via SMB with it's own config and permissions.
In FreeNAS I currently have 3 users, UserA, UserB, and a freenas user.
Everyone belongs to the group "home"
freenas user is set as the default user for guest access to the zpool/media share
UserA can access specific shares that UserB cannot and vice versa. Both can access zpool/media as registered users.
So the zpool/media dataset has it's own permissions already. Now at least 3 different Proxmox guest LXCs will be reading/writing from it as well as SMB clients.
When I set up the LXCs I created a new user, created a home group, added that user to the home group, and granted them sudo privileges in visudo and that is the user I use to ssh in and do everything on these LXCs.
Is their a "right" way to handle these permissions/users/groups for LXCs that will be accessing the same set of data from the Proxmox host?