403: Forbidden running as user 'nobody'

Discussion of the Web Interface for Transmission, formerly known as Clutch. This applies to all version of Transmission
Post Reply
soofaloofa

403: Forbidden running as user 'nobody'

Post by soofaloofa »

Hi,

I'm running a headless transmission-daemon on ubuntu linux and everything is working peachy while running as user 'debian-transmission'. However, I want my downloads to be accessible from my Samba share without manually fiddling with permissions every time. To that end, I have edited /etc/init.d/transmission-daemon and set

Code: Select all

USER=debian-transmission
to

Code: Select all

USER=nobody
Unfortunately, after restarting the daemon this one change results in my previously accessible Web GUI address returning a 403 error instead:

Code: Select all

403: Forbidden

Unauthorized IP Address.

Either disable the IP address whitelist or add your address to it.

If you're editing settings.json, see the 'rpc-whitelist' and 'rpc-whitelist-enabled' entries.

If you're still using ACLs, use a whitelist instead. See the transmission-daemon manpage for details.
the whitelist or ip address haven't changed, the only thing to change is the USER variable in the startup script. Any ideas?

Thanks in advance!
Top
Longinus00
Posts: 137
Joined: Fri Aug 21, 2009 5:46 am

Re: 403: Forbidden running as user 'nobody'

Post by Longinus00 »

Change the umask.
http://trac.transmissionbt.com/wiki/EditConfigFiles
Top
soofaloofa

Re: 403: Forbidden running as user 'nobody'

Post by soofaloofa »

Longinus00 wrote:Change the umask.
http://trac.transmissionbt.com/wiki/EditConfigFiles
Still nothing. Here is my /etc/transmission-daemon/info/settings.json

Code: Select all

{
    "alt-speed-down": 50,
    "alt-speed-enabled": false,
    "alt-speed-time-begin": 540,
    "alt-speed-time-day": 127,
    "alt-speed-time-enabled": false,
    "alt-speed-time-end": 1020,
    "alt-speed-up": 50,
    "bind-address-ipv4": "0.0.0.0",
    "bind-address-ipv6": "::",
    "blocklist-enabled": false,
    "dht-enabled": true,
    "download-dir": "\/mnt\/raidarr\/public\/downloads",
    "download-limit": 100,
    "download-limit-enabled": 0,
    "encryption": 1,
    "lazy-bitfield-enabled": true,
    "max-peers-global": 200,
    "message-level": 2,
    "open-file-limit": 32,
    "peer-limit-global": 240,
    "peer-limit-per-torrent": 60,
    "peer-port": 51413,
    "peer-port-random-high": 65535,
    "peer-port-random-low": 49152,
    "peer-port-random-on-start": false,
    "peer-socket-tos": 0,
    "pex-enabled": true,
    "port-forwarding-enabled": false,
    "preallocation": 1,
    "proxy": "",
    "proxy-auth-enabled": false,
    "proxy-auth-password": "",
    "proxy-auth-username": "",
    "proxy-enabled": false,
    "proxy-port": 80,
    "proxy-type": 0,
    "ratio-limit": 2.0000,
    "ratio-limit-enabled": false,
    "rpc-authentication-required": true,
    "rpc-bind-address": "0.0.0.0",
    "rpc-enabled": true,
    "rpc-password": "{3963087717ab1c8242bc3fe644b237dbbcd685efT4\/FnlIM",
    "rpc-port": 9091,
    "rpc-username": "transmission",
    "rpc-whitelist": "192.168.2.*",
    "proxy-auth-username": "",
    "proxy-enabled": false,
    "proxy-port": 80,
    "proxy-type": 0,
    "ratio-limit": 2.0000,
    "ratio-limit-enabled": false,
    "rpc-authentication-required": true,
    "rpc-bind-address": "0.0.0.0",
    "rpc-enabled": true,
    "rpc-password": "{3963087717ab1c8242bc3fe644b237dbbcd685efT4\/FnlIM",
    "rpc-port": 9091,
    "rpc-username": "transmission",
    "rpc-whitelist": "192.168.2.*",
    "rpc-whitelist-enabled": true,
    "speed-limit-down": 100,
    "speed-limit-down-enabled": false,
    "speed-limit-up": 100,
    "speed-limit-up-enabled": false,
    "umask": 0,
    "upload-limit": 100,
    "upload-limit-enabled": 0,
    "upload-slots-per-torrent": 14
}
Top
Longinus00
Posts: 137
Joined: Fri Aug 21, 2009 5:46 am

Re: 403: Forbidden running as user 'nobody'

Post by Longinus00 »

What do you mean by "Still nothing"?
Top
soofaloofa

Re: 403: Forbidden running as user 'nobody'

Post by soofaloofa »

Longinus00 wrote:What do you mean by "Still nothing"?
I mean that after the change to the umask I receive the same 403 error:

Code: Select all

    403: Forbidden

    Unauthorized IP Address.

    Either disable the IP address whitelist or add your address to it.

    If you're editing settings.json, see the 'rpc-whitelist' and 'rpc-whitelist-enabled' entries.

    If you're still using ACLs, use a whitelist instead. See the transmission-daemon manpage for details.
Top
Longinus00
Posts: 137
Joined: Fri Aug 21, 2009 5:46 am

Re: 403: Forbidden running as user 'nobody'

Post by Longinus00 »

Don't run as user nobody.
Top
soofaloofa

Re: 403: Forbidden running as user 'nobody'

Post by soofaloofa »

Longinus00 wrote:Don't run as user nobody.
Umm ... well yes if I don't run as nobody then everything works fine but the whole point of this thread is to get the web gui running properly as nobody so that I can download directly to my Samba share and then access those downloads without manually changing permissions each time.

I did find a solution though. To run transmission-daemon as nobody I did the following:

in /etc/init.d/transmission-daemon change

Code: Select all

$USER=debian-transmission
to

Code: Select all

$USER=nobody
then change the ownership of a few key files:

Code: Select all

sudo chown -R nobody:nogroup /etc/transmission-daemon/settings.json
sudo chown -R nobody:nogroup /var/lib/transmission-daemon/
Top
Longinus00
Posts: 137
Joined: Fri Aug 21, 2009 5:46 am

Re: 403: Forbidden running as user 'nobody'

Post by Longinus00 »

The whole point of changing the umask is so that you won't need to run as nobody.
Top
voldrix
Posts: 1
Joined: Fri Jan 18, 2013 11:46 pm

Run Transmission as your samba user group

Post by voldrix »

running Debian
I too wanted to have my newly downloaded files accessible in samba without changing permissions.
I do not want to make world writable either simply by changing the umask to 0.

I have several samba users on my server, but only I can write to the shares.
so I made a secondary samba-usr group and added everyone to that group, so they would have read access.
As my user has write access and is in the samba-usr group, I simply ran transmission under my user.

as root

Code: Select all

/etc/init.d/transmission-daemon stop
chown -R myuser:samba-usr /etc/transmission-daemon
chown -R myuser:samba-usr /var/lib/transmission-daemon
vim /etc/passwd #change debian-transmission user to your user id and samba-usr group id
su myuser
/etc/init.d/transmission-daemon start
It should now download files owned by you and the samba group. the default 18 umask will not give write permissions to the group, only user.
Hope this helps
Top
squeaky
Posts: 1
Joined: Wed Apr 17, 2013 2:44 am

Re: 403: Forbidden running as user 'nobody'

Post by squeaky »

i've found the solution that worked for me and actually solved the problem of running transmission-daemon as 'nobody' was to change ownership on the following folders:

Code: Select all

sudo chown -R nobody.nogroup /etc/transmission-daemon
sudo chown -R nobody.nogroup /var/lib/transmission-daemon
and of course, change the /etc/init.d/transmission-daemon file to launch as USER=nobody. i didn't need to change anything in /etc/passwd.

cheers,
Squeaky
Top
Post Reply

Return to “Web Interface”