All infos can be found on GitHub: https://github.com/MichaIng/DietPi/issues/4728
Many thanks to all testers !
All infos can be found on GitHub: https://github.com/MichaIng/DietPi/issues/4728
Many thanks to all testers !
There is a problem with FileBrowser user dietpi doesnât have ADMIN and SHARE permissions.
I fixed it.
dietpi-services stop filebrowser
/opt/filebrowser/filebrowser users update dietpi --perm.admin --perm.share -d /mnt/dietpi_userdata/filebrowser/filebrowser.db
Yap we will have a look. Thx
DietPi v7.6 has just been released. Many thanks to all testers!
Any idea on how to change the path from /mnt to /?
you can try following
cd /mnt/dietpi_userdata/filebrowser
dietpi-services stop filebrowser
/opt/filebrowser/filebrowser config set -r /
dietpi-services start filebrowser
That did it! As always, thank you for the help!
So my next question would be how to set permissions for the âdietpiâ user to access /root?
This is a bad idea. Leave /root as it is. If you need to store something as dietpi user, use /home/dietpi
yes, what is the reason for trying to get web browser access to /root. Due to security we decided for a different user without root-user privileges.
at the end a lot of thinks are possible even to switch file browser user.
Indeed /root is the ârootâ users home directory, and it breaks the basic privacy and security ideas to grant any user access to another users home directory, most importantly the root users home directory. Home directories may contain secret private keys, like for SSH and other sensitive stuff, that must not be accessed by anyone else.
Since File Browser runs as âfilebrowserâ service user, this also applies to /home/dietpi, although much less critical.
For sharing files across users, I recommend a directory outside of any users home. If shared write permissions are required, use a shared group, like it is done with /mnt/dietpi_userdata and the âdietpiâ group.
I respectfully disagree as you are unaware of my intentions. Since I live alone and am very privacy oriented in my endeavours (multiple VPN routing policies, self-hosted recursive DNS server, firewalled at the router, expanded firewall setups on all of my PCâs, etc.), I am not concerned with unauthorized access. Additionally, I have root access setup (Samba or FTP) with most of my Piâs so I can access files easier (although the Piâs running backend security do not have root access since they have access outside of my LAN).
Furthermore, this particular Pi that I am working on is my Development/Testing Pi and is not âmission-criticalâ to anything. I am one of those people that likes to explore new software to get familiar with it as well as to expand my intermediate knowledge of coding (in otherwords, I like to tinker with things).
My reason is simply to test different things as mentioned above. And as you said, there are many possiblities and I wanted to explore!
Yes, I understand that it breaks the very essence of security. After reviewing the Filebrowser website, I tried running a permissions change command but was unable to - basically the reason why I asked is because I am failing to understand Filebrowerâs command line syntax/structure, and with examples I can better understand it. For example, the first question I asked about accessing files outside of /mnt/dietpi_userdata helped me understand their syntax more.
Either way, I appreciate the help - no need to provide me with an answer to this question since I really donât need access to it!
Apart from security aspect, incorrect file and folder permissions can render the system unusable. Changing permissions on linux is something trivial. Therefore if you donât know that, you are classified as a novice user. And linux doesnât protect you from breaking your own system the way windows do. Take all these into consideration and decide what is best for you. It is our duty to warn you.
just to avoid a misunderstanding. File system access on OS level is not defined somewhere in filebrowser application or can be changed using filebrowser command line tool. This we defined on the service file we created. There we set OS user filebrowser as the one who is running the service. And this OS user is used to perform all activities on the OS/file system. As this user has no root permission, he is not able to access directories or files that or owned by user root. As well this user has nothing to do with the user you use to login to filebrowser web side. filebrowser has an own user management allowing to manage web side access only.
Coming back to the original question: you would need to adjust the service to gain root access.
There is no need to âclassifyâ me as it seems that your understanding of my question is not valid. I will not discuss this further as you have not provided any assistance expect to make assumptions. What you have stated is something that I already understand - please review my responses.
Thank you - and yes, I understand. I have already configured root access via Filebrowser as of early this morning. I appreciate your explanation, and I understand the reasoning behind how Diet Pi has configured permissions for this software.
Please consider my inquiry, closed.