search

pducharme / UniFi-Video-Controller

Docker for Unifi-Video Controller (Ubiquiti Networks)
199 stars 105 forks source link

Written video file permissions are different from set on first start #161

Open 0xE1 opened 4 years ago

0xE1 commented 4 years ago

All video files that are created by Unifi Video after docker is started have incorrect file permissions:

Here's example of files with permissions that are set by dockerfile on start (if you remove perms.txt) and then new files have different permissions, new files cannot be browsed on a share by any user (permissions are only set for owner).

-rw-rw-r-- 1 nobody users  754723 Oct 27 20:34 1572204867005_1572204869005_1572194598614_11588137.mp4
-rw-rw-r-- 1 nobody users  775028 Oct 27 20:34 1572204869043_1572204871043_1572194598614_11590137.mp4
-rw------- 1 nobody users  774991 Oct 27 20:40 1572205219236_1572205221236_1572205197167_11940337.mp4
-rw------- 1 nobody users  913775 Oct 27 20:40 1572205221247_1572205223247_1572205197167_11942337.mp4
fryfrog commented 4 years ago

Thanks, looks like we don't have a UMASK env variable, so it just uses what ever Unifi Video wants. I'll get that into our image, how silly of us! :)

0xE1 commented 4 years ago

Thanks, I believe that from Unifi Video perspective that is not an intended way of accessing recordings, so we're just hacking it to our own specifications =)

fryfrog commented 4 years ago

Yeah, for sure. But if we're going to set files to 775 or 755 w/ a chmod, we should keep it that way! :)

fryfrog commented 4 years ago

I pushed some changes to how this works on :testing and :beta if you want to have a look w/ a not real install. I'll give it a try sometime too.

0xE1 commented 4 years ago

I've tried updated :beta, but new files are still written with old permissions: container log after update and removal of perms.txt

2019-11-17 13:21:10.743043 [info] UMASK defined as '002'.
2019-11-17 13:21:10.771149 [info] PUID defined as '99'
2019-11-17 13:21:10.800927 [info] PGID defined as '100'
2019-11-17 13:21:11.506290 [info] No perms.txt found, setting ownership and permissions recursively on videos.
2019-11-17 13:21:11.506290 [info] No perms.txt found, setting ownership and permissions recursively on videos.
2019-11-17 13:23:11.500810 Starting unifi-video... (unifi-video) Hardware type:Unknown
(unifi-video) checking for system.properties and truststore files...
done.
2019-11-17 13:23:11.614447 Waiting for mongodb to come online........... done.
2019-11-17 13:23:11.614447 Waiting for mongodb to come online........... done.

files that were created before container updated with perms.txt removed

-rw-rw-r-- 1 nobody users  885173 Nov 17 13:20 1573993255361_1573993257361_1573992883269_1799970665.mp4
-rw-rw-r-- 1 nobody users  673292 Nov 17 13:20 1573993257401_1573993259401_1573992883269_1799972665.mp4

Files created after update:

-rw------- 1 nobody users  759811 Nov 17 13:23 1573993427683_1573993429683_1573993415529_1800142932.mp4
-rw------- 1 nobody users  768801 Nov 17 13:23 1573993429661_1573993431661_1573993415529_1800144932.mp4

container umask values

# umask
0022
# echo ${UMASK}
002
fryfrog commented 4 years ago

Humm, they must be setting the umask. :/

martinjuhasz commented 4 years ago

would love to see a setting for correcting user/group and permissions. that way i could enable my videos folder sharing in different services

Sprooty commented 4 years ago

This is breaking things for me also. I sync videos to cloud but having very annoying permission issues trying to read the files out of the container/volume.

fryfrog commented 4 years ago

We'd probably have to reverse engineer their startup script and figure out what the heck they're doing. :/

Sprooty commented 4 years ago

Might be able to work around the issue using cp/move/sync commands to and another volume and re-write the permissions.. shitty but it will probably work. Moving them will cause all types of issues for the video index though.

Icegames-dk commented 4 years ago

I have this problem when starting the latest docker image on a Qnap NAS with Container Station running. 2020-04-14 13:11:42.316037 [info] UMASK defined as '002'.
2020-04-14 13:11:42.636772 [info] PUID defined as '99'
2020-04-14 13:11:59.928274 [info] PGID defined as '100'
2020-04-14 13:12:00.568430 [info] No perms.txt found, setting ownership and permissions recursively on videos.
2020-04-14 13:12:00.658122 Starting unifi-video... mount: /var/cache/unifi-video: permission denied.
failed.
2020-04-14 13:16:44.062952 [info] UMASK defined as '002'.
2020-04-14 13:16:44.158453 [info] PUID defined as '99'
2020-04-14 13:16:44.308196 [info] PGID defined as '100'
2020-04-14 13:16:45.189209 [info] File perms.txt blocks chown/chmod of videos.

Can you see what the problem is ? I'm not that good with fixing container problems.

When running kc8apf/unifi-video:latest I don't get the problem but he don't update the image any more.

fryfrog commented 4 years ago

@Icegames-dk, thanks to @thomaso-mirodin's #176, we dropped some permissions and switched to mounting the tmpfs volume ourselves. Make sure you're doing the right things, compare your docker run w/ the current example in the README.

        --tmpfs /var/cache/unifi-video \
        -e CREATE_TMPFS=no \

And your issue isn't related to permissions, which is what this thread is about. The key to your error is the mount error between the two permissions fixing spam.

2020-04-14 13:12:00.658122 Starting unifi-video... mount: /var/cache/unifi-video: permission denied.
failed.

If you don't get this figured out, please make a new issue or post on the forums and include your docker run or docker-compose.