Media Library: best permissions practice across 6 jails?

TLDR: can someone help me with an optimal permissions practice how-to in a situation with a single “Media” dataset that 6 different jails/programs plus an SMB user need read/write access to?

Way back in the day messing around with Sonarr, Plex, and qBittorrent I just had to cheat and blast the library with a chmod -R 777, plus execute a qBittorrent post-download 777 to make everything work. Now that I understand FreeBSD and jails a bit better, I’m ready to start tightening things up and using better practices.

I’m guessing this involves making a Truenas “media” user and/or group that owns the dataset, then in each jail edit some .conf file to make each jail run as that user or group? Specific commands, file locations, or links would be of great help, thanks!

I created users on the TrueNAS host for the user account used for reach app, using the same user IDs. Now that the users all exist on TrueNAS itself you can assign them as auxiliary access to datasets, or as them to a group.

Also you will notice when you look at system processes with top or htop the processes for the apps will be listed by username now, making it a bit easier to tell what is doing what.