Writing to /var/www and other questions

Hi,
I would like to use my DietPi (running in VirtualBox) as a little test server. As you know, the web server is already running (needed for the pi-hole and other services) and so I thought I could simply create a user to access “/var/www” from Windows. However, while I can read the files, I can not write to it. :thinking:

Here is what I did:

  1. Create a user
useradd markstar
passwd markstar
  1. Add Samba user
smbpasswd -a markstar
  1. Edit “/etc/samba/smb.conf”:
[websites]
        comment = Web Host Share
        path = /var/www
        browseable = yes
        create mask = 0775
        directory mask = 0775
        valid users = dietpie markstar
        writeable = yes
        read only = no
        force user = markstar

Note that I only added the last 3 lines after it didn’t work but they did not improve matters.
4. Restart all computers…

I realize there is something else going on, since I can not even create directories as the dietpi user via SSH - the question is, how DO I get it to work?

My other related question is whether I should install a dedicated Webserver Stack (I’m thinking LEMP) since my webhoster uses MySQL (also, Nextcloud recommends not using sqlite)? Is this recommended or will this mess with the existing settings (which I doubt have the expertise to fix)?

Thank you!

Easiest way is to use SCP. Just install OpenSSH client - ID0 (not the server) on DietPi and WinSCP on Windows. This way you can access all files and folder without issues.

BTW: just creating the user will not allow you to access anything. You need to allow permissions for the user to the respective directories. By default /var/www is owned by user www-data. And this user is allowed to access the files. You would need to add your user to www-data user group.

Yes, this would work, but I would still have to manually transfer the files after every change. Then I might as well use Filezilla as before and upload the files directly to the actual (test) web server.

I want to edit the files directly in my environment, which saves A LOT of time over the years, so that is not really an option for me (I would rather set up PHP, etc. in Windows then).

But surely this must be possible in 2021? :slight_smile:

(See my finished first post for my complete question(s)).

personally I have installed WinSCP and Notepad++ on Windows. In WinSCP I have set Notepad++ as editor. Just double click on files on WinSCP will open Notepad++ directly and I can edit files and save them back automatically.

@Joulinar I have added the user to the www-data user group:

cat /etc/group
...
www-data:x:33:www-data,markstar

I restarted everything but I still can’t write. :frowning:

personally I have installed WinSCP and Notepad++ on Windows. In WinSCP I have set Notepad++ as editor. Just double click on files on WinSCP will open Notepad++ directly and I can edit files and save them back automatically.

This is nice for single files, but not really feasible for whole environments.

This is nice for single files, but not really feasible for whole environments.

what is the blocker?


You would need to ensure write permission for the group www-data on the directory

I’m not sure what you mean by blocker. If you mean “reason why this isn’t feasible”, then things like SASS, etc.

You would need to ensure write permission for the group > www-data > on the directory

Hmm, how do I do that? Things are getting a bit messy…

I got it to work (somewhat):
I created a subdirectory and made the remote user the owner: chown markstar: /var/www/test/

However, despite markstar being in www-data (see above), chown www-data: /var/www/test/ did NOT work. Strange…

So I guess question solved, despite me still not understanding why www-data doesn’t work.

Also, despite markstar being able to create files and folders in the directory, the user can’t change its name, which I also find strange.

Either way, would have been nice to easily add users to groups and manage access to directories like that.

what is the error message on running chown www-data: /var/www/test/??

maybe you can have a look to a basic guide on unix file system permission. A beginner's guide to Linux permissions

If you don’t like to set permissions on command line, you can use WinSCP. There you have the possibility to easily set owner as well as permissions via gui

I did not get an error message running chown www-data: /var/www/test/
Moreover, it did show the owner correctly:

root@DietPi:/var/www# cat /etc/group
...
www-data:x:33:www-data,markstar
...
root@DietPi:/var/www# mkdir test
root@DietPi:/var/www# chown www-data: /var/www/test/
root@DietPi:/var/www# ls -al
total 136
drwxr-xr-x  6 root     root      4096 May 13 18:20 .
drwxr-xr-x 12 root     root      4096 May 10 12:35 ..
lrwxrwxrwx  1 root     root        19 May 10 12:43 admin -> /var/www/html/admin
-rw-r--r--  1 root     root     38084 May 12 17:14 apc.php
drwxr-xr-x  4 root     root      4096 May 10 12:38 html
drwxr-xr-x  5 markstar markstar  4096 May 13 16:49 test2
drwxr-xr-x 13 www-data www-data  4096 May 12 17:15 nextcloud
-rw-r--r--  1 root     root     67676 May 12 17:14 opcache.php
-rw-r--r--  1 root     root        20 May 12 17:14 phpinfo.php
lrwxrwxrwx  1 root     root        20 May 10 12:43 pihole -> /var/www/html/pihole
drwxr-xr-x  2 www-data www-data  4096 May 13 18:20 test



maybe you can have a look to a basic guide on unix file system permission. > https://opensource.com/article/19/6/understanding-linux-permissions

If you don’t like to set permissions on command line, you can use WinSCP. There you have the possibility to easily set owner as well as permissions via gui

Thank you, I read through it and I got that (except the text alternates between “Other” and “Owner”). In return that means that an entity can only have one user owner and one group owner, correct? This looks to me like a pretty significant limitation. But I don’t think that belongs in here…

Yes correct, a file or folder can be owned by one user and one group. Usually access to a shared folder is managed by the group as multiple user can be member of this group. On DietPi we use the DietPi user group to share file access between multiple applications. A typical use case on DietPi are thinks like Radarr, Sonarr, a torrent client and some music/video player.

Back to your folder test

drwxr-xr-x  2 www-data www-data  4096 May 13 18:20 test

As you can see it has write permission for user www-data only. Nobody else can write on this folder. Even www-data group members not. For this you would need to set write permission for the group as well.

Oh, how stupid of me. Using chmod -R g+rwx test/ did indeed fix the issue and now it works as intended!

Thank you so much again for your time and patience!

if you are coming from Windows, file system permissions doesn’t seems logic. But if you get used to it, it’s quite simple.

The /var/www/ folder is touched by the system, and not just the users/administrators, so you should not be messing with these settings on the base /var/www directory unless you know what you’re doing. Typically, with how I run things, I make site-specific directories inside /var/www/ , and then give myself permissions there, which solves the issue of the system overwriting site data accidentally (it usually won’t mess with subfolders in there of your own creation).