File Browser write permissions question

RiseFall · 8 September 2024 21:11

I installed File Browser by the dietpi-software menu and then I set the correct path of data.

File Browser will write files and folders with the “filefolders” user and the “dietpi” group (only read).

This brings an issue.

When I want to edit files and folders created by File Browser with the regular “dietpi” user or via Samba by the “dietpi” account, it won’t be possible.

Viceversa,

If I create files and folders with the regular “dietpi” user or via its Samba account, those won’t be editable by File Browser (they’ll use the “dietpi” group in read only mode).

If I “chmod” the entire path of data recursively with “g+w” the issue will be solved but, If I create a new file or a new folder in either File Browser or the regular Samba account of “dietpi” user, the problem will appear again and again.

I know there are a bunch of apps, in dietpi-software, that use their own user for write files and folders but I notice that they use, correctly, the group “dietpi” in read and write mode so they don’t cause any issues when other apps or users want to edit their files (if they belong to the “dietpi” group, of course).

I’m missing something in the correct usage of File Browser?

RiseFall · 12 September 2024 08:53

I installed a docker version of the same app, ran by docker compose.

At the beginning of the docker-compose.yaml, I added “user: 1000:1000” and then this version of File Browser finally write directly as “dietpi” user, therefore, the issue seem solved in this way.

I still am curious about the correct way to work with the dietpi-software version of this app in order to reach the same result.

StephanStS · 12 September 2024 12:26

If there will be a different solution to using a docker version, I would like to know the measures, possibly this could be some input for our documentation of file browser: Cloud and Backup Systems Software Options - DietPi.com Docs

Jappe · 12 September 2024 15:52

In the service file for file browser we have:

[Service]
User=filebrowser
UMask=002
ExecStart=/opt/filebrowser/filebrowser -d /mnt/dietpi_userdata/filebrowser/filebrowser.db

So you could change the user or change the umask to 0.

So I made a quick test, changing the umask did nothing for me, but changing the user worked like a charm.

You can modify it via dietpi-services → filebrowser → Edit.
Remove the # and change to the user of your liking.

You could also use the internal command runner (In the webpanel in the settings under Global Settings and config a chown/chmod for After Save, which then should be applied after creating/altering a file. But for me this is more like a work-around solution.

RiseFall · 15 September 2024 16:58

Maybe now we can.

I want to test it a little more but it seem to work with an add to what Jappe said.

I had to edit the File Browser service with dietpi-services.

Then I removed the “#” before “User” and inserted my selected user (which is not “root”!) instead of “filebrowser”.

But the service failed to start.

Then I went to:

/mnt/dietpi_userdata/filebrowser/filebrowser.db

And I had to chown that file, to my selected user.

Jappe · 15 September 2024 18:37

Ah yes, sure you have to change this too. The user who starts file browser needs access to the config db.