NFS and permissions

I’m currently building a headless Debian NFS media server and I’m doing most of my testing on my desktop. My cliant streaming device will by my "WD TV Live’ TV streamer because it can read a Linux NFS network, I hate Samba. One of my problems is that the TV live will, via the internet, fetch the cover art for each movie title in my library but in order to do that it needs write access. I don’t like the idea of giving my TV Live write access to my library for a number of reasons. My solution was to give the TV Live write access to one directory but store my movies in another. I then wrote a script in bash to read each file in my RO movies directory and create a link to it in my RW TV Live directory. My script worked and I can play the movies but for whatever reason my TV Live still can’t write to the directory that I gave it write access to, both through NFS as well as through ext4 permissions. Here is the message I get when I try to fetch the meta data and cover art for each title
-> Unable to create media library. The selected source is configured ad Read-Only which prevents the WD TV from saving the media library.

My videos are in /home/garrett/Videos/Videos2 with RO permissions the TV Live’s RW directory is /home/garrett/Videos/Videos1 and it is full of links created by my script to the movies in Videos2. Since the TV Live has RW access to Videos2 I don’t see why it is still unable to write to that directory fetching the cover art and meta data.

Here is is the permissions to the library I’m sharing.
drwxrwxrwx 2 garrett garrett 4096 Jan 14 10:08 Videos1

And here is my /etc/exports file

/home/garrett/VideoTest/Videos1 * (rw,async)

Here is my script



ls *mkv | while read LSRESULTS
    cd ${TARGETPATH}
    if [! -a “${LSRESULTS}”]; then


Any ideas?

well you’ve got quite a complicated issue with permissions here

first the more obvious options, which I understand might not be what you want

  1. turn off the media library on the WD, and also the settings for getting content

that way while it might try to write a few cache files, it shouldn’t dump tons of files onto your server

  1. create a script to delete the files created by the WD

then set a cron job, for maybe once a day to auto run the script

  1. of coarse just export it RO, untested, but should still be able to play files, but not write

meaning media library would not work

so getting right along

if you do really want to keep write access required for media library

but want read only for your movie directories

here’s what I would try


if you’re not family with aufs it’s similiar to unionfs, but supports different permissions on the various branches of the union

and it is possible to export aufs directories via nfs

what I don’t know regarding aufs

will the nfs export settings override the auto permissions ?

and what is the state of the debian kernel

besides the aufs utils, to export aufs via nfs requires a few kernel settings

these became default enabled settings in Ubuntu Server edition, approx 1 year ago

so it would look like this

/folder with rw access

/movies with ro access

/aufs-directory with rw access to folder and ro access to movies - exported via nfs (export file will require fsid option)

so then additional options, besides some advanced nfs permissions stuff, which I don’t know well

you can see one of the man pages here

maybe something with root squash can accomplish this, when combined with correct file level permissions

I do have other options to achieve this, but it would require custom firmware

to set it all up from the WD’s end

but it would be a whole lot more straight forward

like just export a single directory rw from your server but have the WD writing to a different partition