Fermars
Posts: 21
Joined: Wed Sep 17, 2014 2:35 pm
Location: Madrid, Spain

Permissions in Lighttpd - FTP access using pi

Fri Sep 19, 2014 8:50 am

Hello everyone, I am asking because I want to do the things right but I don't really know how.
I have installed on my Raspberry everything is needed to work with wordpress (mysql, lighttpd,...). I have enabled "user directories" to have my public_html folder inside my /home/pi.
Lighttpd creates a user/group www-data so my Wordpress folder have to have all files (644) and folders (755) to that user to work properly (install plug-ins, updates,...).
The problem is that I always log-in with the user "pi" so if I want to change something inside the Wordpress folder I need to do it as root because "pi" user doesn't have rights to do anything. If I am using the console directly or accesing via ssh I don't mind to work as root, but the great problem is when I access throught FTP because I cannot modify or create anything as I said.

So, what I want to know is how to configure the rights properly in order to leave user pi to have complete access to Wordpress files and folders.
One way is to change permissions to files and folders to 777 but obviously is a huge security hole so no way. On the other hand, I can change all Wordpress files and folders to user/group "pi" and I wouldn't have problems when accessing through FTP but I would have the same errors as I said when lighttpd try to write there. Also I can change in lighttpd.conf user and group to "pi" but it could get other issues with /var/www folders and logs... So I cannot figure out how to solve this puzzle.

Any suggestion?
Thank you! :)

User avatar
rpdom
Posts: 17198
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Permissions in Lighttpd - FTP access using pi

Fri Sep 19, 2014 12:46 pm

You could add user pi to group www-data and set the file/directory permissions to 664/775. That would make the permissions tighter than having everything as 666/777. Don't forget to log out of user pi and log back in again after making the change to the group.

Fermars
Posts: 21
Joined: Wed Sep 17, 2014 2:35 pm
Location: Madrid, Spain

Re: Permissions in Lighttpd - FTP access using pi

Sat Sep 20, 2014 7:39 pm

Hi, thank you for your reply.
It could be a possible solution but is not enough in this case because the public_html or home directory is dynamic, and any new folder or file will be created as 755 or 644. I was thinking in change the umask (not sure if it will work) parameter but this will change not just the files and folders inside public_html but every file and folder I create with the user "pi".
I also have the same problem with the program "motion" (so, is a very common issue) because the program creates a new user/group called motion, and any folder you want the program to write to must belong to "motion". Again, I can work as a root when working directly on the Pi or SSH, but not when accessing through FTP.

I wonder how web hosting companies solve this kind of problems when not just one user is working inside the same server...

Return to “Networking and servers”