Owncloud permissions

[qwertymodo]

Ok, so I'm setting up the Owncloud plugin, but by default the plugin just stores all of your data into the jail's own /media directory, and instead I want to mount my main dataset so I can access it through Owncloud, which opens up the nasty question of permissions. It seems like Owncloud runs as user www (UID 80). The permissions on my home directory (in FreeNAS) are 770 qwertymodo wheel. I don't know that I want to add www to wheel, that seems like it could open up some real ugly security holes really quickly. Any advice for best practices here?

 

[Joshua Parker Ruehlig]

if you plan on modifying your dataset not only through owncloud, don't mount your dataset as the data-directory (/media).
you should instead be accessing it through owncloud's external storage app.

 

[qwertymodo]

Ok, I did that using the "Local" storage type (I don't want to create CIFS shares just to mount a folder into a jail, that's unnecessary overhead), but I'm still getting "You don't have permission to upload or create files here". Also, it's mounting the "external storage" as a subfolder and you can still put files in the jail's /media folder. Is there any way to mount an external storage as the storage root?

 

[Joshua Parker Ruehlig]

Ok, I did that using the "Local" storage type (I don't want to create CIFS shares just to mount a folder into a jail, that's unnecessary overhead), but I'm still getting "You don't have permission to upload or create files here". Also, it's mounting the "external storage" as a subfolder and you can still put files in the jail's /media folder. Is there any way to mount an external storage as the storage root?

yes I've mounted it as root before. what are your mount settings in owncloud?

owncloud's user (www) needs write permissions to this folder
https://forums.freenas.org/index.ph...plugins-write-permissions-to-your-data.27273/

 

[qwertymodo]

Things like this really make me like Windows ACL's over Unix permissions. It makes so much more sense to just be able to say "users X, Y, and Z have write permissions on this folder" instead of having to either create a new group tailored to that folder's access, or add all of those users to an existing group that could potentially have far-reaching consequences...

Anyway, at least I managed to figure out the root mount part: http://bigonhype.com/index.php?page=owncloud-set-external-storage-as-default-root-folder