Hi,
I would like to use my DietPi (running in VirtualBox) as a little test server. As you know, the web server is already running (needed for the pi-hole and other services) and so I thought I could simply create a user to access “/var/www” from Windows. However, while I can read the files, I can not write to it. 
Here is what I did:
- Create a user
useradd markstar
passwd markstar
- Add Samba user
smbpasswd -a markstar
- Edit “/etc/samba/smb.conf”:
[websites]
comment = Web Host Share
path = /var/www
browseable = yes
create mask = 0775
directory mask = 0775
valid users = dietpie markstar
writeable = yes
read only = no
force user = markstar
Note that I only added the last 3 lines after it didn’t work but they did not improve matters.
4. Restart all computers…
I realize there is something else going on, since I can not even create directories as the dietpi user via SSH - the question is, how DO I get it to work?
My other related question is whether I should install a dedicated Webserver Stack (I’m thinking LEMP) since my webhoster uses MySQL (also, Nextcloud recommends not using sqlite)? Is this recommended or will this mess with the existing settings (which I doubt have the expertise to fix)?
Thank you!
Easiest way is to use SCP. Just install OpenSSH client - ID0 (not the server) on DietPi and WinSCP on Windows. This way you can access all files and folder without issues.
BTW: just creating the user will not allow you to access anything. You need to allow permissions for the user to the respective directories. By default /var/www is owned by user www-data. And this user is allowed to access the files. You would need to add your user to www-data user group.
Yes, this would work, but I would still have to manually transfer the files after every change. Then I might as well use Filezilla as before and upload the files directly to the actual (test) web server.
I want to edit the files directly in my environment, which saves A LOT of time over the years, so that is not really an option for me (I would rather set up PHP, etc. in Windows then).
But surely this must be possible in 2021? 
(See my finished first post for my complete question(s)).
personally I have installed WinSCP and Notepad++ on Windows. In WinSCP I have set Notepad++ as editor. Just double click on files on WinSCP will open Notepad++ directly and I can edit files and save them back automatically.
@Joulinar I have added the user to the www-data user group:
cat /etc/group
...
www-data:x:33:www-data,markstar
I restarted everything but I still can’t write. 
personally I have installed WinSCP and Notepad++ on Windows. In WinSCP I have set Notepad++ as editor. Just double click on files on WinSCP will open Notepad++ directly and I can edit files and save them back automatically.
This is nice for single files, but not really feasible for whole environments.
This is nice for single files, but not really feasible for whole environments.
what is the blocker?
You would need to ensure write permission for the group www-data on the directory
I’m not sure what you mean by blocker. If you mean “reason why this isn’t feasible”, then things like SASS, etc.
You would need to ensure write permission for the group > www-data > on the directory
Hmm, how do I do that? Things are getting a bit messy…
I got it to work (somewhat):
I created a subdirectory and made the remote user the owner: chown markstar: /var/www/test/
However, despite markstar being in www-data (see above), chown www-data: /var/www/test/ did NOT work. Strange…
So I guess question solved, despite me still not understanding why www-data doesn’t work.
Also, despite markstar being able to create files and folders in the directory, the user can’t change its name, which I also find strange.
Either way, would have been nice to easily add users to groups and manage access to directories like that.
what is the error message on running chown www-data: /var/www/test/??
maybe you can have a look to a basic guide on unix file system permission. A beginner's guide to Linux permissions
If you don’t like to set permissions on command line, you can use WinSCP. There you have the possibility to easily set owner as well as permissions via gui
I did not get an error message running chown www-data: /var/www/test/
Moreover, it did show the owner correctly:
root@DietPi:/var/www# cat /etc/group
...
www-data:x:33:www-data,markstar
...
root@DietPi:/var/www# mkdir test
root@DietPi:/var/www# chown www-data: /var/www/test/
root@DietPi:/var/www# ls -al
total 136
drwxr-xr-x 6 root root 4096 May 13 18:20 .
drwxr-xr-x 12 root root 4096 May 10 12:35 ..
lrwxrwxrwx 1 root root 19 May 10 12:43 admin -> /var/www/html/admin
-rw-r--r-- 1 root root 38084 May 12 17:14 apc.php
drwxr-xr-x 4 root root 4096 May 10 12:38 html
drwxr-xr-x 5 markstar markstar 4096 May 13 16:49 test2
drwxr-xr-x 13 www-data www-data 4096 May 12 17:15 nextcloud
-rw-r--r-- 1 root root 67676 May 12 17:14 opcache.php
-rw-r--r-- 1 root root 20 May 12 17:14 phpinfo.php
lrwxrwxrwx 1 root root 20 May 10 12:43 pihole -> /var/www/html/pihole
drwxr-xr-x 2 www-data www-data 4096 May 13 18:20 test
maybe you can have a look to a basic guide on unix file system permission. > https://opensource.com/article/19/6/understanding-linux-permissions
If you don’t like to set permissions on command line, you can use WinSCP. There you have the possibility to easily set owner as well as permissions via gui
Thank you, I read through it and I got that (except the text alternates between “Other” and “Owner”). In return that means that an entity can only have one user owner and one group owner, correct? This looks to me like a pretty significant limitation. But I don’t think that belongs in here…
Yes correct, a file or folder can be owned by one user and one group. Usually access to a shared folder is managed by the group as multiple user can be member of this group. On DietPi we use the DietPi user group to share file access between multiple applications. A typical use case on DietPi are thinks like Radarr, Sonarr, a torrent client and some music/video player.
Back to your folder test
drwxr-xr-x 2 www-data www-data 4096 May 13 18:20 test
As you can see it has write permission for user www-data only. Nobody else can write on this folder. Even www-data group members not. For this you would need to set write permission for the group as well.
Oh, how stupid of me. Using chmod -R g+rwx test/ did indeed fix the issue and now it works as intended!
Thank you so much again for your time and patience!
if you are coming from Windows, file system permissions doesn’t seems logic. But if you get used to it, it’s quite simple.
