mirror of
https://github.com/Sonarr/Sonarr
synced 2024-12-23 00:07:07 +00:00
Updated Autostart on Debian (markdown)
parent
524749e4c4
commit
295e9e467e
1 changed files with 8 additions and 5 deletions
|
@ -100,29 +100,32 @@ exit 0
|
||||||
|
|
||||||
**Security Note**
|
**Security Note**
|
||||||
|
|
||||||
For security purposes, you can prevent this account from being logged into by editing the '/etc/passwd' entry for user nzbdrone and changing it to '/bin/false' or /usr/sbin/nologin'. I've also removed the password from '/etc/shadow'. From researching, these both appear to be the manual ways to perform the '--disable-login' and '--disable-password' while creating a new user. Alternatively, you can accomplish this same task by creating a user with the '--system' option.
|
For security purposes, you can prevent this account from being logged into by editing the '/etc/passwd' entry for user nzbdrone and changing it to '/bin/false' or /usr/sbin/nologin'. I've also removed the password from '/etc/shadow'. From researching, these both appear to be the manual ways to perform the '--disable-login' and '--disable-password' while creating a new user. Alternatively, you can accomplish this same task by creating a user with the '--system' option. If You use the --system flag while creating a user, it will not have a home directory as listed below, so You may need to manually create one.
|
||||||
|
|
||||||
/etc/passwd 'nzbdrone:x:1001:1001:NzbDrone Sonarr Media:/home/nzbdrone:/bin/false'
|
/etc/passwd 'nzbdrone:x:1001:1001:NzbDrone Sonarr Media:/home/nzbdrone:/bin/false'
|
||||||
/etc/shadow 'nzbdrone:*:17124:0:99999:7:::'
|
/etc/shadow 'nzbdrone:*:17124:0:99999:7:::'
|
||||||
|
|
||||||
Utilizing the '/usr/sbin/nologin' option will output what's seen below, when attempting to change to that user from root.
|
Utilizing the '/bin/false' option will output what's seen below, when attempting to change to that user from root.
|
||||||
|
|
||||||
su - nzbdrone
|
su - nzbdrone
|
||||||
This account is currently not available.
|
This account is currently not available.
|
||||||
|
|
||||||
Now, recursively edit the /opt/NzbDrone directory to only allow read, write and executable access to the directory owner and other users in the same group as this directory.
|
Now, recursively edit the /opt/NzbDrone directory, and the home directory, to only allow read, write and executable access to the directory owner and other users in the same group as this directory.
|
||||||
|
|
||||||
chmod 770 /opt/NzbDrone -R
|
chmod 770 /opt/NzbDrone -R
|
||||||
|
chmod 770 /home/nzbdrone -R
|
||||||
|
|
||||||
Add the directory to the group 'nzbdrone' and modify the owner to 'nzbdrone'
|
Add the directories to the group 'nzbdrone' and modify the owner to 'nzbdrone'
|
||||||
|
|
||||||
chown nzbdrone:nzbdrone /opt/NzbDrone -R
|
chown nzbdrone:nzbdrone /opt/NzbDrone -R
|
||||||
|
chown nzbdrone:nzbdrone /home/nzbdrone -R
|
||||||
|
|
||||||
If all is well, you should see the following outputs.
|
If all is well, you should see the following outputs.
|
||||||
|
|
||||||
ls -ld /opt/NzbDrone/
|
ls -ld /opt/NzbDrone/
|
||||||
drwxrwx--- 4 nzbdrone nzbdrone 4096 Nov 23 17:31 /opt/NzbDrone/
|
drwxrwx--- 4 nzbdrone nzbdrone 4096 Nov 23 17:31 /opt/NzbDrone/
|
||||||
|
ls -ld /home/sabnzbd
|
||||||
|
drwxrwx--- 4 nzbdrone nzbdrone 4096 Nov 23 17:36 /home/nzbdrone
|
||||||
ls -la /opt/NzbDrone/NzbDrone.exe
|
ls -la /opt/NzbDrone/NzbDrone.exe
|
||||||
-rwxrwx--- 1 nzbdrone nzbdrone 23552 Nov 6 13:05 /opt/NzbDrone/NzbDrone.exe
|
-rwxrwx--- 1 nzbdrone nzbdrone 23552 Nov 6 13:05 /opt/NzbDrone/NzbDrone.exe
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue