Dietpi vs www-data | NAS vs NEXTCLOUD Permissions

Hello guys,

I’m using an RPi5 on which I have:

NEXTCLOUD (Mainly for automatic backup of photos from phones)
NAS (As the main disk for computers on the home network)

I have it set up so that I have an external disk with 3 main folders (IPCAM, NEXTCLOUD, NAS), each with its own permissions for the respective application.

I have following directories with following permissions under /mnt/SSD

dietpi@pi:/mnt/SSD$ ls -la
total 36
drwxr-xr-x  6 www-data www-data  4096 Jul  5  2022 .
drwxr-xr-x  8 root     root      4096 Dec  2  2021 ..
drwxr-xr-x 65 motion   adm       4096 Mar 10 08:22 IPCAM
drwxr-xr-x 31 dietpi   dietpi    4096 Mar 10 16:36 NAS
drwxr-xr-x 15 www-data www-data  4096 Mar 10 16:37 NEXTCLOUD
drwxr-xr-x  2 www-data www-data 16384 Nov 21  2021 lost+found

I want to primarily use NAS as a full-fledged network disk, which I managed to achieve thanks to CIFS in Linux, where I mapped NAS as if it were a local disk under /mnt/… The speed, everything is great.

However, the problem is that it’s mapped under the user “dietpi”, and when I try to delete something from the “NEXTCLOUD” folder, which belongs to www-data, I get permission denied.

I tried adding the user dietpi to the www-data group, but that doesn’t seem to entirely solve my problem.

dietpi@pi:/mnt/SSD/NEXTCLOUD$ rm -rf test.tx.md
rm: cannot remove 'test.tx.md': Permission denied

What would you advise? How would you solve my situation? Basically, I only need NEXTCLOUD for photo synchronization, and I need NAS as the main NAS disk.

It could probably be solved by accessing it as root instead of dietpi.

Ideally, however, it would be to have the same rights for users: dietpi + www-data, which means both users could create and delete files in both the “NAS” or “NEXTCLOUD” folders. I’m just wondering if that wouldn’t be too chaotic…

Yes, the owner of the nextcloud data folder is www-data and inside the actual file folders others can only read and not write. So you could just use root user or add the user you want to the www-data group.

But if you directly delete files via CLI you would also need to run a filescan afterwards, to make nextcloud aware of this change and update it’s database, otherwise you will run into problems (the web panel will show files which does not exist anymore, for example)
You can invoke a scan with

ncc files:scan --path="/mnt/SSD/NEXTCLOUD/username/files"

even adding user into www-data group might not work, because folder have write permission on user www-data only (not on group).

Yes you are right, the files folder itself has 770, but the files only have 755.
The just use the correct user for manipulation

sudo -u www-data command

Thanks guys…so is there any way how to make www-data and dietpi to have the samepermissions vice-versa?

it’s basically 2 steps

  • add user dietpi to group www-data
  • add write permission for group www-data to all sub folder /mnt/SSD/NEXTCLOUD