MPD / Lighttpd ...wasted 12 hours...hope this help Topic is solved

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
User avatar
MichaIng
Site Admin
Posts: 2324
Joined: Sat Nov 18, 2017 6:21 pm

Re: MPD / Lighttpd ...wasted 12 hours...hope this help

Post by MichaIng »

Jep, usermod -aG dietpi www-data would be also my solution. This is btw not new to v6.33 but only the way a few services run as this group has been changed a bid.

I'm no big fan of adding too much users by default to that group which would break the security aspect. dietpi group is already quite mighty as it gains write access to nearly all userdata in /mnt/dietpi_userdata. Instead we might want to write a documentation page about UNIX permissions in general and how to check/debug/change users and file permissions, as well for special cases (samba mount, FAT file system and such?): https://dietpi.com/docs/
I thinks this would be very useful and simply an important topic when running a UNIX server in general :).

Regarding Allo and /var/www in general. In the past indeed everything in /var/www was owned by www-data user, but actually that is neither required not recommended (from security perspective). Usually www-data only needs to read the website and to write to it. Only in certain cases where config files are written to via PHP backend or the web application has an internal updater, this is needed. So most /var/www subfolders are root:root owned, so is Allo web UI.
Post Reply